Cybersecurity Maturity Model Certification (CMMC) Seminar
Thu, Oct 1 2020, 1 - 3pm
This webinar is open to Ohio small business suppliers to the U.S. Department of Defense and is being presented by the Dayton Development Coalition, Sawdey Solutions Services, Inc., and The Ohio State University Center for Design and Manufacturing Excellence (CDME).
- Date: Thursday, October 1, 2020
- Time: 1 - 3 p.m. ET
- Registration: go.osu.edu/cmmc-register-10120
What is CMMC?
The Department of Defense is taking steps to further prevent the loss of Controlled Unclassified Information (CUI) within the Defense Industrial Base (DIB) as it is critical to maintaining national security. The current Defense Federal Acquisition Regulation Supplement (DFARS) 252.204.7012 and associated clauses require contractor compliance with certain cybersecurity control standards. The CMMC requirement builds upon this existing regulation and combines various cybersecurity control standards (e.g., National Institute of Standards and Technology (NIST) Special Publication (SP) 800-171, International Organization for Standardization (ISO) 27001, and Aerospace Industries Association National Aerospace Standards 9933, etc.) into a single, unified standard for cybersecurity.
In addition, CMMC requires DoD suppliers to achieve and maintain certification through a verification process that assesses the institutionalization and maturity of cybersecurity practices and processes.
Why should you attend?
Scheduled for phased implementation over the next 5 years, future DoD solicitations will require offerors to hold a CMMC certificate at a specified level or higher to be eligible for award. To obtain a CMMC certification, companies will coordinate directly with an independent, accredited CMMC Third-Party Assessment Organization (C3PAO) to request and schedule a CMMC assessment. Upon successful demonstration of the appropriate capabilities and organizational maturity, the organization will receive the corresponding CMMC level certification.
What does the seminar offer?
- Controlled Unclassified Information (CUI) and Covered Defense Information (CDI) defined and explained. What is compliance with DEFARS 252.204.7012?
- Overview of Cybersecurity and Risk Management Frameworks forming the basis of CMMC
- Overview of CMMC v 1.02
- CMMC Implementation Plan and Timeline
- Review and explanation of Certification Requirements – Initial and Maintenance
- Presentation of Cyber Assessment alternatives including self-assessment resources
- Recommendations for documentation, tools, and resources to help you get to compliance
Subject matter expertise from Sawdey Solutions Services, Inc. | Beavercreek, Ohio
Harry Krukenberg is a highly accomplished supply chain consulting professional with military and private sector experience spanning nearly 29 years. Mr. Krukenberg is a certified Project Management Professional (PMP) and Lean Six Sigma Green Belt who has served clients at Air Force Materiel Command, U.S. Transportation Command, the General Services Administration, Department of Homeland Security, and the U.S. Postal Service. Mr. Krukenberg is a recognized subject matter expert in Automatic Identification and Data Capture (AIDC), and Automatic Identification Technology (AIT) applications and technologies. In addition, he has significant consulting experience in the areas of supply chain risk management, supply chain strategy & planning, project management, business process reengineering, change management, and education & training. Mr. Krukenberg is a retired U.S. Air Force civil engineering officer with proven leadership skills having led large and small teams in a variety of fast paced and diverse environments.
P. Michael Smith is a cybersecurity expert with over 16 years of professional experience (federal, state, local, and private sector). He was an Information System Security Manager/Auditor for several multimillion-dollar Information Systems for the Air Force Materiel Command (AFMC). Mr. Smith was selected to be the Chief Information Officer and Authorizing Official for the New Mexico Army National Guard. He was certified by the FBI as a Computer Forensic Examiner and recognized by the U.S. Federal Courts as an expert witness in his field. Mr. Smith was the cyber team leader and designated cybersecurity technical expert for the governor of New Mexico. He holds multiple cybersecurity certifications to include a master’s degree in information technology - security assurance. Mr. Smith has diverse knowledge and expertise in NIST, DoD RMF, and other information standards.