Defense Unicorns’ Post

View organization page for Defense Unicorns, graphic

22,554 followers

3mo Edited

One topic that unites industry partners and the United States Department of Defense - shared frustration with the #ATO process 🤯. Industry partners are trying to deploy the best software to the DoD quickly. Meanwhile, the DoD is waiting for up-to-date solutions to effectively execute the mission. But, there's hope! Here are some recent updates you should know about as the ATO discussion continues: ✨ Office of the DoD Chief Information Officer released the Resolving Risk Management Framework and Cybersecurity Reciprocity Issues memo. ✨ Defense Information Systems Agency has recently updated numerous Security Technical Implementation Guides and Security Requirements Guides to ensure they align with the latest standards set forth in the fifth revision of the NIST Special Publication 800-53. ✨ Defense Unicorns launched a workshop to address the DoD's various struggles related to software delivery, including the ATO and cATO processes. #Cybersecurity #Defense

10 Comments

Spencer Schaepman

Accomplished GIS Consultant and Project Manager | PMP, CAPM | Specializing in Strategic Program Leadership and Technological Solutions in Public and Private Sectors

3mo

This is literally what lost me my last job. The software I was hired to consult on was in limbo, is still in limbo. So they decided to end my contract and find someone else when the ATO process is finally complete.

DJ Hines

Air Force Government Civilian/Platform One/Small Business Owner

3mo

Come bring your application to DoD Platform One where we have a cATO and can get you a Certificate to field in 26 days once your application has been integrated into our pipelines and processes. This satisfies the need to get your application approved and operational and leaves the hard work and paperwork to us! #MissionObsessedAF

Kristopher Pruitt

Founder and CEO | AI | Autonomy | Human Performance

3mo

The process is frustrating at best. If possible to participate in the workshop I’d be a happy participant. There has to be a better way that what’s being done today.

1 Reaction

Jonathan Sneed

Senior Principal Cyber Systems Engineer

3mo

It’s also been that long since revision 5 came out too…

1 Reaction

Christopher W.

Explorer

3mo

#ATnO

Taylor V.

Security Compliance Specialist | AWS Security

3mo

Best ATO memes in the game.

Rachel Marble, MLS, PMP

3mo

It's funny but it's not. Haha

RJ Niesen, CISSP, PMP

Servant Leader | Cyber Security & IT Consultant | Veteran & Purple Heart Recipient

3mo

Eugene Breckenridge 🤣

See more comments

To view or add a comment, sign in

More Relevant Posts

Cesar Mora

Cybersecurity Auditor & Security Compliance , Risk Management, Data Protection, IT Audit, Information Security.
5mo
Report this post
Great Article on the difference between CMC and ITAR

David Meece

I help people 10X their personal brand and start a career in cybersecurity | SANS Cyber Community of the Year Winner | Featured in Top Cyber News Magazine | Educator | Mentor | Speaker | Author
5mo

Navigating Compliance: Understanding CMMC 2.0 and ITAR for Defense Contractors For those in the defense contracting sphere, navigating the maze of regulatory compliance is critical to ensure both operational success and the protection of sensitive data. The Cybersecurity Maturity Model Certification (CMMC) 2.0 and International Traffic in Arms Regulations (ITAR) stand as key pillars in this landscape, each with its own set of rules designed to enhance national security and safeguard crucial information. This blog post delves into the intricacies of CMMC 2.0 and ITAR, shedding light on their unique features and helping defense contractors understand their obligations under each framework. Discover more: https://lnkd.in/gcMXuwQm #cybersecurity #compliance #CMMC #ITAR #blog

CMMC vs. ITAR: Do Defense Contractors Need to Comply With One or Both?

kiteworks.com
Like Comment
To view or add a comment, sign in
Baillie Hamilton

Customer Success Manager
4mo
Report this post
"Furthermore, the requirement is implemented in the Defense Federal Acquisition Regulation Supplement DFARS through the solicitation provision of NIST SP 800-171 DoD Assessment Requirement, and the contract clause within the NIST SP 800-171 DoD Assessment Requirements." https://lnkd.in/gpYDDihS #cybersecurity #defensecontractor #DFARS #compliance #industrialcyber #icssecurity #ics

DoD issues information collection requirements for assessing contractor compliance with cybersecurity standards

industrialcyber.co
Like Comment
To view or add a comment, sign in
Empower Solutions

218 followers
5mo
Report this post
The proposed rule for the Cybersecurity Maturity Model Certification (CMMC) program, released by the Defense Department, closely aligns with industry expectations, maintaining a three-level framework and emphasizing prime contractor accountability. It reflects the DoD's commitment to bolstering cybersecurity resilience within the defense industrial base (DIB), with a clear timeline set for full implementation by October 2026. Despite this clarity, questions remain regarding which version of NIST standards contractors must meet and how requirements apply to managed service providers (MSPs), highlighting the need for ongoing clarification and refinement. Overall, the proposed rule signifies a significant step forward in strengthening cybersecurity across the DIB, demonstrating the DoD's seriousness about protecting sensitive information and enhancing the security posture of defense contractors and subcontractors. How do you think the DoD will address these uncertainties to ensure a smooth transition to CMMC compliance?
Like Comment
To view or add a comment, sign in
Alexandre BLANC Cyber Security Alexandre BLANC Cyber Security is an Influencer

Advisor - ISO/IEC 27001 and 27701 Lead Implementer - Named security expert to follow on LinkedIn in 2024 - MCNA - MITRE ATT&CK - LinkedIn Top Voice 2020 in Technology - All my content is sponsored
5mo
Report this post
CMMC vs. ITAR: Understanding Compliance Requirements for Defense Contractors For those in the defense contracting sphere, navigating the maze of regulatory standards is crucial for ensuring operational integrity. The Cybersecurity Maturity Model Certification (CMMC) 2.0 and International Traffic in Arms Regulations (ITAR) stand out as key regulatory frameworks that play a significant role in maintaining national security and protecting sensitive data. Given their complexity, it's important for defense contractors to understand each framework's nuances. This blog post delves into CMMC 2.0 and ITAR, outlining their importance and offering insights on whether defense contractors must adhere to one or both. Have to add that there is an interesting take with ITAR, as it's focused a lot more on people, in my experience, and when someone is cleared for ITAR, crossing the borders does seem to happen way faster, but that would be my own experience :P Discover more: https://lnkd.in/e2FV4eWs #cybersecurity #compliance #CMMC #ITAR #blog

CMMC vs. ITAR: Do Defense Contractors Need to Comply With One or Both?

kiteworks.com
Like Comment
To view or add a comment, sign in
Susan Balman

Senior Analyst
4mo
Report this post
"Furthermore, the requirement is implemented in the Defense Federal Acquisition Regulation Supplement DFARS through the solicitation provision of NIST SP 800-171 DoD Assessment Requirement, and the contract clause within the NIST SP 800-171 DoD Assessment Requirements." https://lnkd.in/dmYHAzsS #cybersecurity #defensecontractor #DFARS #compliance #industrialcyber #icssecurity #ics

DoD issues information collection requirements for assessing contractor compliance with cybersecurity standards

industrialcyber.co
Like Comment
To view or add a comment, sign in
David Meece

I help people 10X their personal brand and start a career in cybersecurity | SANS Cyber Community of the Year Winner | Featured in Top Cyber News Magazine | Educator | Mentor | Speaker | Author
5mo
Report this post
Navigating Compliance: Understanding CMMC 2.0 and ITAR for Defense Contractors For those in the defense contracting sphere, navigating the maze of regulatory compliance is critical to ensure both operational success and the protection of sensitive data. The Cybersecurity Maturity Model Certification (CMMC) 2.0 and International Traffic in Arms Regulations (ITAR) stand as key pillars in this landscape, each with its own set of rules designed to enhance national security and safeguard crucial information. This blog post delves into the intricacies of CMMC 2.0 and ITAR, shedding light on their unique features and helping defense contractors understand their obligations under each framework. Discover more: https://lnkd.in/gcMXuwQm #cybersecurity #compliance #CMMC #ITAR #blog

CMMC vs. ITAR: Do Defense Contractors Need to Comply With One or Both?

kiteworks.com

1 Comment
Like Comment
To view or add a comment, sign in
Jonathon Gordon

Industry Analyst @ Takepoint Research | Senior Analyst - Cyber Security
4mo
Report this post
"Furthermore, the requirement is implemented in the Defense Federal Acquisition Regulation Supplement DFARS through the solicitation provision of NIST SP 800-171 DoD Assessment Requirement, and the contract clause within the NIST SP 800-171 DoD Assessment Requirements." https://lnkd.in/dWC6QMnF #cybersecurity #defensecontractor #DFARS #compliance #industrialcyber #icssecurity #ics

DoD issues information collection requirements for assessing contractor compliance with cybersecurity standards

industrialcyber.co
Like Comment
To view or add a comment, sign in
Sam Panicker

Technical GRC Specialist - CISSP, ISO, IRAP Assessor
5mo
Report this post
Practical ways we help our clients at Threat Intelligence to obtain more defence work.

Threat Intelligence

3,132 followers
5mo

Unlock the gateway to defense contracts with our latest blog post on the Defense Industry Security Program (DISP). Learn how DISP sets the standard for security in defense procurement and collaboration, and discover expert tips to strengthen your DISP application: https://buff.ly/3UwMDd9 #DISP #cybersecurity #compliance

Defense Industry Security Program (DISP): Practical Tips and Best Practices

threatintelligence.com
Like Comment
To view or add a comment, sign in
United States Department of Defense

1,399,724 followers
7mo
Report this post
Not sure how to approach the published proposed rule for the DoD’s Cybersecurity Maturity Model Certification program? There’s a video that can help break it down for the defense industrial base and other interested parties. The CMMC program is a mechanism to verify the readiness of contractors and will play an important role in helping keep important DoD information out of the hands of adversaries.

Defense Department Releases Companion Video for CMMC Public Comment Period

defense.gov

7 Comments
Like Comment
To view or add a comment, sign in
Luigi F.

Founder of The ITSM Practice Podcast | ITIL Ambassador | Helping CIOs in Fintech, Telecom, and Managed Services Define Robust Service Management and Security Operating Models
7mo
Report this post
The US Defense Department has shared an informative video on the proposed rule for its Cybersecurity Maturity Model Certification (CMMC) program. This video aims to clarify the rule's details, importance, and complexity for defense industry members and others interested. It's intended to help stakeholders understand the proposal better and encourage them to provide feedback that will be considered before finalizing the CMMC program rule. How do you think this will improve cybersecurity standards? ---------- 🔍 Follow me for daily insights on ITSM and IT Security. 🎧 Check out The ITSM Practice Podcast on Spotify: https://lnkd.in/dJh7UnzC #itsm #itsecurity

United States Department of Defense

1,399,724 followers
7mo

Not sure how to approach the published proposed rule for the DoD’s Cybersecurity Maturity Model Certification program? There’s a video that can help break it down for the defense industrial base and other interested parties. The CMMC program is a mechanism to verify the readiness of contractors and will play an important role in helping keep important DoD information out of the hands of adversaries.

Defense Department Releases Companion Video for CMMC Public Comment Period

defense.gov
Like Comment
To view or add a comment, sign in

22,554 followers

View Profile Follow

Defense Unicorns’ Post

More from this author

5-Minute DevOps: AI is Taking Our Jobs!!

A Missing Piece of Remote Work Culture

5 Minute DevOps: The Only Metric That Matters

Explore topics