Events

The CMMC 2.0 Paradigm and Contractor Supply Chain Risk Management Obligations

Since January 2018, the Defense Department (and now other agencies) has required prime contractors and subcontractors at all tiers to implement NIST SP 800-171, “Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations.” Between January 2018 and November 2021, the Defense Department issued numerous guidance memoranda regarding NIST-171 and set up an arrangement with the Cybersecurity Maturity Model Certification – Accreditation Board. In turn, the CMMC-AB developed a “CMMC ecosystem” based on NIST-171 and related NIST guidance in order to identify NIST-171 cybersecurity objectives intended for contractors and subcontractors who handle, create or store “controlled unclassified information” or CUI. A significant element of this ecosystem was the creation of an infrastructure which facilitates education, training and third-party assessment leading to the certification of a DIB company’s implementation of CMMC 1.0 compliance.

The Defense Department paused implementation of the CMMC 1.0 program by introducing CMMC 2.0 through an Advanced Notice of Proposed Rulemaking published November 4, 2021. DoD did not pause compliance with FAR 52.204-2 or DFARS 252.204-7012.

Your company’s level of CMMC 2.0 “cyber hygiene” will directly impact your eligibility to contract or subcontract with the Defense Department (and likely non-DoD agencies such as the GSA and the DHS) as well as impact your competitive posture anywhere in the DoD supply or service chain.

In this Program, you will learn about:

  • The prospective CMMC 2.0 schedule;
  • Federal cybersecurity vocabulary: CUI, FCI, CDI, CTI;
  • CUI marking obligations by government personnel and contractor personnel
  • How CMMC 2.0 “Level 1” (the foundational level) effectively applies to all federal agencies;
  • The requirements of FAR 52.204-21 and DFARS 252.204-7012 and the current DFARS 252.204-7019, 7020, and 7021 clauses;
  • DoD’s Assessment Methodology;
  • The Supplier Performance Risk System (SPRS);
  • The DoD guidance available to achieve CMMC 2.0 Level 1 and Level 2 (the advanced level);
  • The available self-assessment programs;
  • The requirements under [Draft] NIST SP 800-172 contained in CMMC Level 3 to address Advance Persistent Threats;
  • The quality of a System Security Plan and the CMMC 2.0 emphasis of a Plan of Action & Milestones)
  • CMMC 2.0, the Cloud and FedRAMP;
  • The government-wide supply chain obligations regarding Chinese sources
    • DoD guidance
    • GSA guidance
  • DoD supply chain obligations regarding Chinese and Russian sources
    • DoD guidance
Register Now

Event Date March, 3

Event Time 5:30am - 7:00am

Share With Friends

Other Events You May Like

May 2
Area Business Events

Lifecraft Workshop

May 3
Area Business Events

Lifecraft Workshop

May 9
Small Business Events

Tell It. Sell It.

  About the Workshop     Tell It. Sell It. is a high-impact, working workshop where entrepreneurs, creatives, and changemakers uncover their origin story, turn it into a compelling brand message, and shape it into an elevator pitch that connects—and converts. You’ll walk away with: Your written brand story A clear pitch A strategic plan to use your story in your marketing Real-time feedback and motivation to move forward

Featured News

April 18, 2025

FCEDA’s Karen Smaw Selected by the U.S. Black Chambers of Commerce to the Power 50: Women of Influence

Karen Smaw and USBC CEO, Ron Busby;  Photo credit: US Black Chambers of Commerce Celebrating her extraordinary achievement in growing and shaping the small business ecosystem in Fairfax County, the U.S. Black Chambers of Commerce has chosen FCEDA’s Director, Diversity Business Investment and Entrepreneurship Karen Smaw for inclusion in the 2025 Power 50 Women of Influence Class. Her visionary leadership and transformational impact in helping to grow small businesses and cultivating start-ups has transformed Fairfax County. Each year, the USBC proudly…
Read More
April 15, 2025

Building a Quantum Future Starts in Fairfax NOVA

As we celebrate World Quantum Day, Fairfax NOVA stands at the forefront of quantum innovation. Home to the annual Quantum World Congress, we have become a global hub for quantum technology, bringing together visionaries, researchers, and industry leaders to shape the future. In 2024, the Quantum World Congress in Tysons attracted over 1,000 participants from 30 countries, featuring groundbreaking advancements in quantum computing and its integration with AI. This convergence of technologies is set to revolutionize fields like space commercialization,…
Read More
April 11, 2025

Make a Fresh Start: Bring Your Valuable Skills and Experience to a New and Promising Career

As federal workforce restructuring continues to impact our community, the Fairfax County Economic Development Authority is stepping up with targeted resources and events designed specifically for displaced federal employees. Your years of public service have equipped you with the experience and valuable skills that are in high demand across our diverse business ecosystem and we want to keep you here. George Mason STAR-TIDES Resource Fair for Federal Workers and Contractors Tuesday, April 15, 2025, 12:00 – 4:00 p.m. George Mason…
Read More
See All News