Redspin, a division of Clearwater

We've said it a hundred times, and we'll say it a million more: navigating the CMMC assessment process can be tricky, especially with so many misconceptions floating around. That's why we've created an infographic to clear up some of the most common myths about the costs associated with CMMC assessments. The reality is that while the practices highlighted here are valuable and can save you in CMMC coordination, it's important to note that some providers are better than others, and there is no "silver bullet" for CMMC. These practices won't necessarily reduce the costs of the assessment itself. If you need assistance with navigating your journey, and looking for the most cost-effective path, reach out to us! We are happy to help.

CMMC Connect is THIS Thursday, 1:00 - 1:45 PM (ET). This month’s agenda is packed... We'll kick off with key updates, including: - The 48 CFR Proposed Rule - DOJ's Lawsuit Against Georgia Tech - The Department of Education's Upcoming CUI Proposed Rule We’ll also dive into the latest news on timelines, rulemaking, when assessments can begin, and more... Then, our expert panel will answer your questions live. We'll start with questions we've already received like: - CMMC Costs for small businesses - Compliance in commercial cloud environments - How to identify CUI Register now to engage with Tara, Thomas, Rob, and Jeremy as they discuss the latest CMMC updates and answer your questions. You can submit your questions when you register, or join us on Thursday to ask them live. See you there! https://hubs.ly/Q02MK7WZ0

Tara Lemieux has done it again—she’s published another book! The Everything Guide to CMMC is your go-to resource for all things CMMC. Whether you’re curious about why CMMC was created, how to prepare, choosing the right assessor, understanding the assessment process, or what to expect afterward, this book covers it all. Tara offers a clear and concise exploration of CMMC, providing insights from an assessor's perspective in a way that's both informative and enjoyable. Her expertise as a CMMC Instructor shines through, along with her personality, making this guide a pleasure to read. Now available on Amazon in Kindle, paperback, or hardcover. Grab your copy today! https://hubs.li/Q02MmnZK0

Who said work can't be fun? Last week, the Clearwater and Redspin teams got together for a virtual company-wide bingo luncheon! 🎉 There were lightning rounds, trivia questions, and even music videos. It was a blast getting to hang out and have some fun together. We love finding creative ways to connect and have a good time as a team. Cheers to more virtual hangs in the future! #TeamBonding

We are out here at #NavyGoldCoast2024! Find us at booth 1627, and make sure to drop by the networking reception from 5:00 - 7:00 this afternoon!

Congratulations, Tara Lemieux! We’re incredibly proud to share that Tara Lemieux, a vital part of the Redspin team, has launched the presale of her new book, The Everything Guide to CMMC! This book is set to be an essential resource for anyone navigating the Cybersecurity Maturity Model Certification (CMMC) and aiming to bolster their cybersecurity posture. Tara’s deep expertise and passion for the industry truly shine through in this guide. Join us in celebrating Tara’s achievement, and be sure to pre-order your copy today: https://lnkd.in/ecq_WXnb 👑 📕 💫 #CMMCBook #CMMC #TheGuidetoEverythingCMMC

Attn: DoD Contractors in the healthcare industry! CMMC may apply to you. Check out this Clearwater blog to learn more and hear insights from Christus Health, an organization that started addressing CMMC early.

"Some of our greater national security agencies and contractors have been the focus of some of those data breaches, and it just goes to show that … no one's really off limits when it comes to a cyberattack" well said Tara Lemieux. Thank you National Defense Magazine, and Josh Luckenbaugh for taking the time to cover the freshly published 48 CFR CMMC proposed rule. Tara Lemieux, you do a great job outlining the 48 CFR timeline, flow-down requirements from prime to subcontractors, the phased rollout approach, and so much more in this article. - thank you! For even more on 48 CFR CMMC proposed rule, Tara has also authored this short blog: https://lnkd.in/gPS_yqgN

🌟 Redspin is the proud bronze and networking party host of the 2024 National Defense Industrial Association - (NDIA)'s Department of the Navy Gold Coast Conference in sunny San Diego next week! 🌟 Visit us at Booth #1627 to meet with our VP and CISO, Dr. Thomas Graham, PhD, CISSP, MBA, or our VP of Sales, Federal Accounts, Jeremy Mares, and discuss your organization’s #CMMC journey, or feel free to book a 1:1 meeting to dive deeper into your needs: https://lnkd.in/gsGPC3zm !! Plus, don’t miss the Navy Gold Coast Networking Reception—hosted by Redspin! Join us on Tuesday night, August 20th, from 7:00 - 9:00 PM to talk and toast to CMMC! 🥂 #Redspin #NavyGoldCoast #CMMC #Cybersecurity #NDIA

Heads up! The 48 CFR rule, which integrates CMMC requirements into defense contracts, is set to be published in the Federal Register tomorrow, August 15th, 2024, kicking off a 60-day public comment period. Summary of key points and timing: 1. Implementation of CMMC 2.0 Requirements: - The Department of Defense (DoD) is proposing amendments to the Defense Federal Acquisition Regulation Supplement (DFARS) to incorporate the Cybersecurity Maturity Model Certification (CMMC) 2.0 requirements. - CMMC 2.0 provides a framework for assessing and ensuring contractor compliance with cybersecurity requirements within the DoD supply chain. - The 32 CFR rule proposes phased implementation over three years, after which the requirements will apply to all DoD contracts involving the processing, storage, or transmission of Federal Contract Information (FCI) or Controlled Unclassified Information (CUI). 2. Phased Rollout: - During the first three years, CMMC 2.0 requirements will be included in specific contracts as directed by the CMMC Program Office. - The CMMC requirements will be enforced in the DoD contractual vehicles by the provisions in 48 CFR concerning DFARS 7021 implementation. - After three years, the requirements will apply universally to all relevant DoD contracts. 3. Certification Timing: - The CMMC certification must be in place at the time of contract award, and contractors are required to maintain this certification throughout the life of the contract. - CMMC levels will be specified in solicitations and contracts, and contractors must have the required certification level posted in the Supplier Performance Risk System (SPRS) before a contract can be awarded or an option exercised. 4. Impact on Contractors: - The 32 CFR and 48 CFR rules will apply to a broad range of contracts, including those below the Simplified Acquisition Threshold (SAT) but above the micro-purchase threshold. - Small businesses will be affected, with specific estimates provided for the number of entities impacted in each phase of the rollout. 5. Public Comments and Final Rule: - The 48 CFR proposed rule will be published on August 15, 2024, with a 60-day period for public comments. The final rule will be developed based on feedback and further analysis. Timing: - August 15, 2024: The 48 CFR proposed rule will be published in the Federal Register. - 60-Day Comment Period: Stakeholders can submit comments and feedback during this period. - Three-Year Phased Implementation identified by 32 CFR: The rollout of the CMMC 2.0 requirements will occur over three years, with full implementation expected by 2027. You can view the upcoming publication here:(https://hubs.li/Q02LhGxF0).