Boston Government Services, LLC (BGS)’s Post

The DIBCS Strategy, discussed at the DIB CS Summit, focuses on enhancing cybersecurity within the Defense Industrial Base (DIB) through collaboration between industry professionals and government leaders. It includes initiatives like the FedRAMP Equivalency Memo to streamline cybersecurity standards and practices. For someone in defense technology innovation like yourself, understanding these strategies could be crucial for aligning your projects with current cybersecurity standards and expectations.

Perhaps an unpopular opinion…but having cut my teeth on DFARS and ITAR many years ago, I find CMMC and the whole debacle just that: a debacle. Organizations should stop waiting for the CMMC-AB to figure out their identity and start solutioning for the existing set of NIST controls that have been available for years. I won’t discount that some of the processes have changed in regards to assessment and “Level 1” vs “Level 2” vs “Level 3” but fundamentally, not a lot has changed. Organizations that continue to “wait and see” are doing themselves a disservice—and some could argue they are doing the overall defense industry a disservice. Time will tell if procrastination proves to be a winning strategy. Take accountability and start working now. Aiming to resolve at least 90% or more of the NIST 800-171a controls now will save you time, money, and make life easier for whenever the #CMMC-AB gets its act together. #NARA #CMMC #DFARS #DIB #defensecontractors #FedRAMP

Our team is excited to head to Dayton next week for Life Cycle Industry Days (LCID) and the Wright Dialogue with Industry (WDI). The event as a whole focuses on the Life Cycle Management Center's future requirements and topics covering the entire acquisition life cycle across AFLCMC portfolios. Stop by our booth (222) to learn how we’re leveraging Privacy Enhancing Technologies to enable DoD users to unlock data value across silos through encrypted search and machine learning. Check out a demo of our solutions, which are deployed and operational at scale today. Enveil ZeroReveal is helping mission users by:  ✅ Enabling encrypted searches and analysis to be performed across data silos for enhanced collaboration and accelerated speed to decision ✅ Eliminating the need to lift-and-shift large quantities of data to trusted networks ✅ Facilitating high-side security, low-side agility Hope to see you next week! Reach out to Michael Ortega (michael@enveil.com) to schedule a meeting in advance. Can’t make it to Dayton? Learn how our solutions are transforming secure data usage for mission users here: https://lnkd.in/gDmTBK4c #LCID #AFLCMC #WDI #PrivacyEnhancingTechnologies

Want to get the background on the FedRAMP Equivalency Memo? Jon Weadon and I review it, and the history behind it, in this video! #CMMC #dfars7012 Kieri Solutions - Authorized C3PAO

As we approach the finalization of the #CMMC rules, I’ve created a short video to help newcomers understand the requirements & what’s ahead! With multiple types of assessments, ranging from self-assessment for Federal Contract Information (#FCI), to third-party evaluations for Controlled Unclassified Information (#CUI) - it’s crucial to understand what’s required as we move forward. Don't miss #OpticCyber's latest webinar where I walk through the basics of CMMC & highlight some key resources for getting started! 👇 https://lnkd.in/et-_X9Pe If you're just starting your CMMC journey or looking for help getting ready for certification, shoot me a message!

Critical information to know and very timely. I highly recommend you watch this video to understand FedRAMP equivalency as it applies to Cloud Service Providers and CMMC. Here are some key takeaways: * Memo Applies to Defense Contractors with the DFARS 252.204-7012 clause in their contracts and are utilizing a Cloud Service Provider (CSP) * Will substantially add security requirements and associated costs to CSPs who aren’t currently compliant * Require CSPs to engage with 3PAOs for their SAP/SAR (Security Assessment Plan/Security Assessment Report) * Implications are CSPs will need to have highly competent and trained personnel on staff to maintain FedRAMP equivalency, adding year over year recurring cost and complexity to their environments * Incident Response and Forensic Analysis are hard fast requirements € In my honest opinion, this will drive the market to the largest players (Microsoft, Amazon, Google, etc) Need guidance and understanding of what this means to your organization? Ask me now Gene Cho, J.D., CISSP, CCSP, CIPP/US, CIPT, CMMC-AB RPA | Christopher “Phaldor” Goodrich | Buck Bell | Walt Powell CISSP, CISM #cdw #cdwfederal #FedRAMP #CMMC

Unpack the complexities of CMMC compliance with a clear, step-by-step roadmap. From scoping to certification, this session lays out each phase, helping you navigate the path to compliance with confidence. 📅 April 18, 2024 ⏲ 2 p.m. Register ➡ https://lnkd.in/d64YZuRa #cmmc

Learn more about achieving CMMC 2.0 compliance in this short video, assembled by the experts here at ControlCase. The video briefly discusses the levels of CMMC 2.0, the first steps to take toward CMMC compliance, and how to prepare for CMMC assessment. #ControlCase #CMMC #NIST800171 #CMMC2

What does it mean to be an MSP supporting the Defense Industrial Base (DIB)? (PART 4) MSPs as we now know for certain, the DoD intends that you play a key part of your DIB customer’s CMMC journey. This may mean that you yourself need to be CMMC Certified, or for DIB Members required to meet Level 1, you may need to provide your clients with evidence and support them in achieving the 15 controls at Level 1. What are going to be your biggest challenges in supporting your DIB customers in this journey? I would love to get some free-flowing dialog from the MSP community on this, so I am not doing a multiple-choice poll. MSPs, at the end of your comment, I challenge you to hit up a few of your peers up to also provide a comment. You can vent about the rule if you want to, but let’s assume that it is what it is for now and look ahead to how we can do business under this rule. Bobby Guerra, John Hill - Visionary Technology Leader, Kevin M., Tobias Musser, Brian Pickell, Shel Philips, PMP RP, Pat Cooley, Paul Adams Cox, Sam Heuchert, George Chao, Brandon A Fausti,

Learn more about achieving CMMC 2.0 compliance in this short video, assembled by the experts here at ControlCase. The video briefly discusses the levels of CMMC 2.0, the first steps to take toward CMMC compliance, and how to prepare for CMMC assessment. #ControlCase #CMMC #NIST800171 #CMMC2