The IT Support Education Center
The most educational business technology blog for Southern California executives, featuring insider tips, articles, and videos on how to get the best IT results.
If you manage IT at your company, then you have a lot of roles to fill. Whether you have a small team or it's just you, you could be asked to be the network administrator, help desk technician, IT project manager, business analyst, cyber security expert, and more at any given moment. And if your company needs to comply with the Department of Defense (DoD) Cybersecurity Maturity Model Certification (CMMC), you're likely going to get another role tacked onto your responsibilities.
The word “Maturity” is part of the Cybersecurity Maturity Model Certification for a reason. Essentially, the Department of Defense wants their chain of suppliers to “grow up” in their security. When companies act like “grown-ups” in the way that they manage cyber risk, they’re a lot more serious about their responsibilities and they’re accountable for the outcome.
Optimize your business's IT function, understand proper - and cost effective - IT staffing, and learn from the mistakes others have made.
When you get started on your journey to Cybersecurity Maturity Model Compliance (CMMC), one of the first things that you’ll need to do is to perform a gap analysis. A CMMC gap analysis lets you know where your security controls are good and where you have, well… gaps. If you have expertise with NIST 800-171 security regulations along with a lot of extra time, then there’s no reason why you can’t do a DIY gap analysis, but many companies are finding that a facilitated gap analysis is more efficient and actually saves money in the long run.
When you’re trying to understand what you’re supposed to do to follow Cybersecurity Maturity Model (CMMC) regulations, there’s a lot of information to digest. A lot. Unless you want to make CMMC compliance your full-time job, it would be nice to have all that information boiled down so that you get to the point where you can act. You must act because if you haven’t, you’re already late. Last year the DoD communicated with companies in their supply chain with a request to submit a CMMC Self-Assessment by the end of 2020, yet many companies have not been able to do that. Why? For many it’s a lack of knowledge and training to interpret CMMC into action.
If you’re in the Department of Defense supply chain, you know that there are new cyber security requirements coming down the pipe. Full Cybersecurity Maturity Model Certification (CMMC) compliance is rolling out to the top 15 DoD prime contractors and their subcontractors in 2021. By 2025 this will spread out to the whole network of suppliers. If you’re not in the top 15, you still have things to do right now.
(February 17, 2021 – Rancho Cucamonga, CA) Accent Computer Solutions, Inc. is now a CMMC Registered Provider Organization (RPO) in Southern California. The company has been helping organizations reach and maintain their NIST cyber security framework requirements for many years, and has taken the next steps to demonstrate CMMC proficiency. Corey Kaufman is the company’s first Registered Practitioner (RP), trained to consult with companies regarding Cybersecurity Maturity Model Certification (CMMC) compliance. The company will have four more RPs by March 2021.