The Cybersecurity Maturity Model Certification (CMMC) 1.0 for the Defense Industrial Base (DIB) defines specific cybersecurity practices across five levels of maturity while also measuring the degree to which those practices are institutionalized within an organization. The CMMC model draws on maturity processes and cybersecurity best practices from multiple standards, including the National Institute of Standards and Technology (NIST) frameworks and references, as well as input from DIB entities and the Department of Defense. CMMC requires that DIB organizations complete an assessment of all CMMC practices at a particular level and become certified by a CMMC third-party assessment organization. When fully implemented, CMMC will require all DIB companies to achieve certification at one of the five CMMC levels, which includes both technical security practices and maturity processes. In this SEI Podcast, Andrew Hoover and Katie Stewart, architects of the CMMC model, discuss process documentation, a Level 2 requirement.
NTP Best Practices
Establishing Trust in Disconnected Environments
Distributed Artificial Intelligence in Space
Verifying Distributed Adaptive Real-Time Systems
10 At-Risk Emerging Technologies
Technical Debt as a Core Software Engineering Practice
DNS Best Practices
Three Roles and Three Failure Patterns of Software Architects
Security Modeling Tools
Best Practices for Preventing and Responding to Distributed Denial of Service (DDoS) Attacks
Cyber Security Engineering for Software and Systems Assurance
Moving Target Defense
Improving Cybersecurity Through Cyber Intelligence
A Requirement Specification Language for AADL
Becoming a CISO: Formal and Informal Requirements
Predicting Quality Assurance with Software Metrics and Security Methods
Network Flow and Beyond
A Community College Curriculum for Secure Software Development
Security and the Internet of Things
The SEI Fellow Series: Nancy Mead
Create your
podcast in
minutes
It is Free