The Cybersecurity Maturity Model Certification (CMMC) 1.0 for the Defense Industrial Base (DIB) defines specific cybersecurity practices across five levels of maturity while also measuring the degree to which those practices are institutionalized within an organization. The CMMC model draws on maturity processes and cybersecurity best practices from multiple standards, including the National Institute of Standards and Technology (NIST) frameworks and references, as well as input from DIB entities and the Department of Defense. CMMC requires that DIB organizations complete an assessment of all CMMC practices at a particular level and become certified by a CMMC third-party assessment organization. When fully implemented, CMMC will require all DIB companies to achieve certification at one of the five CMMC levels, which includes both technical security practices and maturity processes. In this SEI Podcast, Andrew Hoover and Katie Stewart, architects of the CMMC model, discuss process documentation, a Level 2 requirement.
The Evolving Role of the Chief Risk Officer
Obsidian: A Safer Blockchain Programming Language
Agile DevOps
Kicking Butt in Computer Science: Women in Computing at Carnegie Mellon University
Is Software Spoiling Us? Technical Innovations in the Department of Defense
Is Software Spoiling Us? Innovations in Daily Life from Software
How Risk Management Fits into Agile & DevOps in Government
5 Best Practices for Preventing and Responding to Insider Threat
Pharos Binary Static Analysis: An Update
Positive Incentives for Reducing Insider Threat
Mission-Practical Biometrics
At Risk Emerging Technology Domains
DNS Blocking to Disrupt Malware
Best Practices: Network Border Protection
Verifying Software Assurance with IBM’s Watson
The CERT Software Assurance Framework
Scaling Agile Methods
Ransomware: Best Practices for Prevention and Response
Integrating Security in DevOps
SEI Fellows Series: Peter Feiler
Create your
podcast in
minutes
It is Free