If you don’t meet the CMMC specifications, you will no longer be able to compete for the DoD’s business



The Cybersecurity Maturity Model Certification (CMMC) is a new US Department of Defense (DoD) standard for implementing best practices throughout the defense industrial base, which includes over 300,000 companies in its supply chain.

The CMMC was created specifically to address major compromises of sensitive and classified data on DoD contractors' networks. It now requires a third-party assessment of DoD contractors' compliance with mandated practices that will better adapt to new and evolving cyber threats from our adversaries. There are 171 best practices described in the CMMC model - at least 19 of which are directly related to a security awareness training program requirement.

The CMMC includes five maturity levels that establish cybersecurity requirements based on the sensitivity of the contractor's work. The CMMC domain “Awareness and Training” is concerned with ensuring that organizations at CMMC maturity levels 2 and above have a formal security awareness training program. And now, contractors that deal with Controlled Unclassified Information (CUI) are required to add insider threat training - long overdue after Edward Snowden’s use of social engineering to download approximately 1.2 million highly classified documents from the National Security Agency’s systems.

CMMC certification will soon (likely by Q3 2020) be a minimum requirement to be eligible for DoD contract awards. DoD has emphasized that the CMMC is a starting point for transforming contractors’ cybersecurity culture and strengthening their third-party supply chain.

Get Organized with KCM GRC

You want to be well positioned for the evolving complexities and requirements of DoD’s contracting award system. KnowBe4 has just released Control Guidance for CMMC Levels 1-5, so there is huge value right now for KCM users. Get a demo and see it for yourself.

Sources: 

https://blog.rsisecurity.com/dod-contractors-cmmc/

https://www.nativeintelligence.com/news/cmmc-compliant-security-awareness-training/

https://www.csoonline.com/article/3535797/the-cybersecurity-maturity-model-certification-explained-what-defense-contractors-need-to-know.html


Request a Demo of KCM GRC

The new KCM GRC platform helps you get your audits done in half the time, is easy to use, and is surprisingly affordable. No more: "UGH, is it that time again!" 

With KCM GRC you can:

  • Reduce the amount of time and money required to easily manage your compliance, risk, and audit requirements
  • Automate reminders so you can quickly see what tasks have been completed, not met, and are past due
  • Simplify risk management with an intuitive interface and simple workflow based on NIST 800-30
  • Efficiently manage your third-party vendor risk requirements
  • Quickly implement compliance and risk assessment processes using KnowBe4's pre-built requirements and assessment templates

Request Your Demo

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

https://www.knowbe4.com/demo_kcm
