The Cybersecurity Maturity Model Certification (CMMC) 1.0 for the Defense Industrial Base (DIB) defines specific cybersecurity practices across five levels of maturity while also measuring the degree to which those practices are institutionalized within an organization. The CMMC model draws on maturity processes and cybersecurity best practices from multiple standards, including the National Institute of Standards and Technology (NIST) frameworks and references, as well as input from DIB entities and the Department of Defense. CMMC requires that DIB organizations complete an assessment of all CMMC practices at a particular level and become certified by a CMMC third-party assessment organization. When fully implemented, CMMC will require all DIB companies to achieve certification at one of the five CMMC levels, which includes both technical security practices and maturity processes. In this SEI Podcast, Andrew Hoover and Katie Stewart, architects of the CMMC model, discuss process documentation, a Level 2 requirement.
My Story in Computing with Sam Procter
Developing and Using a Software Bill of Materials Framework
The Importance of Diversity in Cybersecurity: Carol Ware
The Importance of Diversity in Software Engineering: Suzanne Miller
The Importance of Diversity in Artificial Intelligence: Violet Turri
Using Large Language Models in the National Security Realm
Atypical Applications of Agile and DevSecOps Principles
When Agile and Earned Value Management Collide: 7 Considerations for Successful Interaction
The Impact of Architecture on Cyber-Physical Systems Safety
ChatGPT and the Evolution of Large Language Models: A Deep Dive into 4 Transformative Case Studies
The Cybersecurity of Quantum Computing: 6 Areas of Research
User-Centric Metrics for Agile
The Product Manager’s Evolving Role in Software and Systems Development
Measuring the Trustworthiness of AI Systems
Actionable Data in the DevSecOps Pipeline
Insider Risk Management in the Post-Pandemic Workplace
An Agile Approach to Independent Verification and Validation
Zero Trust Architecture: Best Practices Observed in Industry
Automating Infrastructure as Code with Ansible and Molecule
Identifying and Preventing the Next SolarWinds
Create your
podcast in
minutes
It is Free