Most people mistaken believe that their cybersecurity requirements stem from the Cybersecurity Maturity Model Certification Program (CMMC). CMMC is simply a verification program that proves if you have implemented the requirements imposed by DFARS clause 252.204-7012. Ultimately, DFARS clause 252.204-7012 is the center of gravity for all the cybersecurity stuff that comes with being a defense contractor. This week is an important primer on DFARS 7012 because even though it's only 13 paragraphs long, few people take the time to read it closely.
Register for CS2 Reston: https://cs2.cloud/reston
Pathfinder 101: https://www.summit7.us/pathfinder
Pathfinder Demo: https://youtu.be/JiDTCchfCa0?si=JJFplxSfvkaRVhRo
DFARS 7008: https://youtu.be/vgrRGIWboKc?si=TFuX_wYBgfDhNQ8X
DFARS 7012: https://www.acquisition.gov/dfars/252.204-7012-safeguarding-covered-defense-information-and-cyber-incident-reporting.
The History of CMMC: https://youtu.be/jbY2irZ1ePg?si=Khw6kLH5JnXfiTs6
7012 Class Deviation: https://youtu.be/voziZRAMvv4?si=2TczM85cISzpd63V
FedRAMP equivalency memo: https://youtu.be/torWNL3U7ZY?si=_tAubFpxJxtqrS6L