October 19 @5:30pm – Jeff Baldwin on Comparing Risk Management Framework (RMF) and Cybersecurity Maturity Model Certification (CMMC)
Check out ISSA-NOVA at https://www.issa-nova.org/
Abstract: The Cybersecurity Maturity Model Certification (CMMC) is currently going through the rulemaking process for inclusion in the Code of Federal Regulations. Requirements for CMMC are expected to be included in DoD contracts in the near future impacting all tiers of the supply chain for the Defense Industrial Base. In this talk, Dr. Jeff Baldwin will discuss his personal experience in how he made the transition from working with the NIST Risk Management Framework for Federal systems to working with NIST SP 800-171 and CMMC for Covered Contractor Information Systems. The talk will cover the similarities and differences between the two frameworks for general awareness and will help others who are also interested in transitioning to working within the CMMC ecosystem.
About the Speaker: Dr. Jeff Baldwin is a cybersecurity executive with an extensive background in both information security and education. As a senior information systems security engineer with over 17 years of cybersecurity experience, he has experience working in a variety of frameworks such as the NIST Risk Management Framework (RMF), DIACAP, NISPOM, DCID 6/3, and NISCAP. Dr. Baldwin has assessed over 150 systems as a Security Control Assessor, and as an Information Systems Security Engineer, he has helped over 100 government information systems achieve Authority to Operate (ATO). As part of the Cybersecurity Maturity Model Certification (CMMC) ecosystem, Dr. Baldwin was one of the first 20 people to achieve both CMMC Provisional Instructor and Provisional Assessor status and had the privilege to be an instructor for the second ever offered Certified CMMC Professional course. Dr. Baldwin is the CEO of Space Coast Cyber, offering training in CMMC and consulting services.
Presentation Slides Downloadable here (no information to enter):