The primary purpose of our one-day 7-hour workshop is to ensure that small businesses are aware of the cybersecurity requirements mandated under Defense Federal Acquisition Regulations Supplement (DFARS) Subpart 204.73. We will focus on understanding the risks associated with safeguarding controlled unclassified DOD information.
The workshop will focus on the 14 groups of controls from NIST SP 800-171, with examples highlighting what happens when these controls are not implemented. By the end the workshop, you will become familiar with all 110 controls and be able to better identify the areas where you may need greater focus to meet the DoD’s cybersecurity expectations.
We will also review DOD’s Cybersecurity Maturity Model Certification (CMMC) and their intent to incorporate CMMC into Defense Federal Acquisition Regulation Supplement (DFARS) and use it as a requirement for contract award. CMMC Levels 1-3 encompass the 110 security requirements specified in NIST SP 800-171. DOD is planning to migrate to the new CMMC framework in order to assess and enhance the cybersecurity posture of the Defense Industrial Base (DIB). Once finalized, companies will be required to have CMMC assessment in place of self-certification that they have met NIST SP 800-171 security requirements.
The training pesenter is Dr. Clifford Neuman, Director of the USC Center for Computer Systems Security in the USC Viterbi School of Engineering Information Sciences Institute.