CMMC Security & Compliance
Our Assessment Process
● Certified RPO with over 100 conducted worldwide since 2000.
● Works with your existing Managed Services Provider (MSP) or IT Staff
● Providing DOD contractors help to meet NIST 171
● Complete Audit readiness solutions to meet the NIST 800-171 and CMMC certifications
● Approved vendor for the Maryland Cybersecurity 50% Tax Credit
What’s in Play: Three Components
● NIST 171
● Prime Requirements
● CMMC
NIST 171 - Mandatory 110 Controls NIST 171 System Security Plan (SSP) Plan of Action & Milestones (POAM) Score - November 30th, 2019 +110 to -330
Choice Cybersecurity, Inc. Registered Provider Organization (RPO) Crosswalk 171 to CMMC Plan of Action & Milestones (POAM) Score - November 30th, 2019 +110 to -330
NIST 171 - 110 Controls CMMC Compliance CMMC Level 3 - 130 Controls 2 Forms of Evidence Mock Audit Bring in Auditor and manage the process
CMMC Policies & Procedures Access Control Identification & Authentication Maintenance Physical Protection Personnel Security Assessments System & Communication Protection Audit & Accountability Awareness Training Configuration Management Incident Response Media Protection System & Information Integrity Risk Assessment Protection from Malware Domain Recovery
Next Generation Firewall Advanced Endpoint Protection Protective Filtering Centralized Management SECURITY 2.0 Endpoint Detection & Response Intrusion Prevention & Detection Single Sign-On Two Factor Authentication COMPLIANCE BASICS THE STACK OF SECURITY LAYERS User Awareness Training Security Incident & Event Monitoring Change Management Data Leak Prevention Secure Backups & Recovery Password Policy & Management Email & Drive Encryption Continuous Vulnerability Scans Cloud Access Security File & Data Encryption Mobile Device Management Policies & Procedures Patch Approval & Management
Certification Process
1. Assessment
2. Remediation
3. Audit Ready
4. Mock Audit
5. Certification Audit Completed by Assessor/C3PAO
Contracts
● U.S. Navy
  ○ Integrated Common Processor
  ○ F/A-18 E/F Full Mod of the SBAR and Shutoff Valve
  ○ DDG-51 Lead Yard Services / Follow Yard Services
● U.S. Air Force
  ○ Mobility Air Force Tactical Data Links
  ○ Consolidated Broadband Global Area Network Follow-On
  ○ Azure Cloud Solution
● Missile Defense Agency
  ○ Technical Advisory and Assistance Contract
GSA and Polaris Contracts to follow
Q AND A
stever@choicecybersecurity.com
(410) 205-4980
www.choicecybersecurity.com
10065 Red Run Blvd, Suite 120, Owings Mills, MD 21117