• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
The Oakmont Group

The Oakmont Group

Help your company podcast get 100,000 downloads

  • Federal Tech Podcast
  • Bike for Your Beer
  • Swing for the Stars
  • About
  • Contact

Ep. 48 Deadlines, CMMC, and the Defense Industrial Base

February 9, 2023

monks
apple podcasts logo
spotify logp
igor
Igor Volovich, Qmulos
qmulos

(Recorded at Monk’s BBQ, in lovely downtown Purcellville, VA)

When the concept of Cybersecurity Maturity Model Certification (CMMC) was first developed, nobody envisioned the roller coaster ride it would take since its inception with Executive Order 13556 in 2010 with its emphasis on Controlled Unclassified Information. 

The goal was to assess and enhance the cybersecurity posture of contractors who serve the DoD.  The target framework was a document from NIST called 800-171.  Over the years the CMMC guidelines have evolved and so have recommendations from NIST.

Over this period of time communication from the DoD about CMMC has ranged from constant briefings to a period where the DoD was incommunicado.  The result of that unusual series of events is a deadline in November of 2023, or possibly earlier, when companies will be expected to comply with the revised regulations.

Today, we sat down with Igor Volovich from Qmulos to put a framework around CMMC to give the 300,000 members of the Defense Industrial Base a handle on today’s status. During the interview Igor repeats his core message: don’t wait until the last minute to begin the process.  You could end up looking at your competition in full compliance and your company running out of time.

"CMMC . . . a lot of people think of this as a new mandate . . . It's just a new way of assessing against existing mandates" "

Igor Volovich, Qmulos Tweet

He suggests that you start with a thorough understanding of the basis for CMMC, the NIST 800-171 document.  Next, don’t forget your company is part of a matrix of vendors; you should contact your partners or affiliates to see where the shared responsibility lies.  Finally, Igor suggests you speak to vendors who may be able to help. 

Chances are, if you wait, you will be overwhelmed with work. The normal reaction is to seek out help at that point.  However, you may encounter CMMC compliance experts with a serious backlog,

The lesson: understand the requirements, seek help from affiliates, contact people with expertise to help with the rough spots, and most of all . . . DO NOT DELAY.  

If you enjoyed this article, you may want to listen to Ep. 42 Vulnerability Management for Federal Systems 

Transcript for podcast
Transcript for Ep. 48
Federal Tech Podast
John Gilroy

John Gilroy

Has been in front of a microphone since 1991.  He can help you structure, launch, and promote your company podcast.  johngilroy@theoakmontgroupllc.com  

Federal Tech Podcast Ep 48,  Igor Volovich,  Qmulos

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

federal tech podcast logo

The purpose of the Federal Tech Podcast to discuss innovation to reduce cost for federal technology. Contact us if you think you are a good fit.

Recent Posts

  • Ep. 97 Infrastructure Enabling Federal Innovation
  • Ep. 96 Data Scientist: the Sexiest Job of the 21st Century
  • Ep. 95 How Akamai Improves Federal Cybersecurity
  • Ep. 94 Can Service Mesh Address Federal Challenges?
  • Ep. 93 Predictive Identity Document Verification
constellations podcast from Kratos

Fascinated by going to Mars?

Right now in Los Angeles a company is 3D printing rockets;  30,000 satellites will be launched in the next five years; satellite communications have advanced so far that companies are using normal cell phones to connect to satellites.  How to keep up with all this excitement?  The Constellations Podcast from Kratos.

Let’s work together

Tell us how you want to grow.

Appear on Federal Tech Podcast

Footer

Social

Follow along on social media.

email

johngilroy@theoakmontgroupllc.com

Policy

Policy for The Oakmont Group

Copyright © 2023 · Business Pro Theme on Genesis Framework · WordPress · Log in