In partnership with the UW-Whitewater Cybersecurity Center for Business, Tetra Defense, an Arctic Wolf Company and CyberNINES, a series of Cybersecurity Readiness Workshops were hosted this week with special guest Matthew Travis, CEO of CMMC-AB
NEWS & UPDATES
Wisconsin DoD manufacturers and federal contractors gathered in Oshkosh on May 18 for the 8TH ANNUAL DOD CONTRACT MANAGEMENT UPDATE to discuss Supply Chain Challenges & Solutions in 2022. It has been a challenging year for the federal government and defense contractors as they face increased challenges – supply shortages, cost escalation, labor shortages, new requirements, and security challenges to mention a few.
CISA has issued Emergency Directive (ED) 22-03 and released a Cybersecurity Advisory (CSA) in response to active and expected exploitation of multiple vulnerabilities in the following VMware products: VMware Workspace ONE Access (Access), VMware Identity Manager (vIDM), VMware vRealize Automation (vRA), VMware Cloud Foundation, vRealize Suite Lifecycle Manager.
Podcast Episode 1:
What is CMMC?
In January 2020 the Department of Defense (DoD) announced a new standard for assessing an organization’s cybersecurity posture called “Cybersecurity Maturity Model Certification (CMMC).” According to CMMC, all DoD contractors that process, transmit or store Controlled Unclassified Information (CUI) will be asked to be certified by a third-party assessment organization (C3PAO). The new CMMC program consists of five levels of certification in both cybersecurity practices and processes.
The Department of Defense’s (DoD) Interim Final Rule that went into effect on 30 November 2020, requires both primes and sub-contractors to submit their NIST SP 800-171 assessment score to the Supplier Performance Risk System (SPRS). While the rule will only impact new contracts, the DoD plans to do 148 Medium Assessments and 81 High Assessments over the next three years, with an estimated 8,823 basic assessment scores to be uploaded on SPRS each year to award new contracts to small businesses. At CyberNINES, we are aware of these changes and committed to helping small and medium-sized businesses accept purchase orders from the DoD and Prime Contractors.
Scott Singer, President of CyberNINES, was quoted by a reporter from Bloomberg about the Department of Defense’s (DoD) new cybersecurity requirement and its impact on the small and medium-sized businesses. Singer recently testified before the House Small Business Committee on recommendations for making the Cybersecurity Maturity Model Certification (CMMC) compliance attainable for DoD’s small business suppliers, expressed his concerns about the insufficient number of approved Certified 3rd Party Assessment Organizations (C3PAOs) to satisfy the need to certify the defense contractors by the 2025 deadline. There is a need for roughly 8,000 C3PAOs to certify 300,000 companies in the Defense Industrial Base (DIB).
CMMC & NIST SP 800-171 Compliance & Cybersecurity Consulting Firm, CyberNINES, Expands in California
MADISON, WIS. (July 30, 2021) — CyberNINES, a cybersecurity consulting company providing high-value and affordable CMMC & NIST SP 800-171 compliance services for small and medium-sized businesses in the Upper Midwest, has recently expanded its presence in California. Scott Singer, President of CyberNINES, Todd Streicher, Vice President of Business Development, and Nick Alaga, Director of Business Development in Western Region, met this past month with businesses and partners in San Francisco, Los Angeles, and San Diego to discuss the strategic development in the West region.
On February 9, 2021, Scott Singer, President of CyberNINES, joined the Minnesota Precision Manufacturing Association (MPMA) for an interactive discussion on the new Cybersecurity Maturity Model Certification (CMMC) and the cybersecurity requirements pertaining the DoD suppliers. In this recorded session, you will learn about the requirements of a basic NIST SP 800-171 assessment and how to submit your NIST score in the Supplier Performance Risk System (SPRS).