Building and Implementing a CMMC Program: An Overview

CMMC is an evolving regulatory requirement that will impact any industry that has a working relationship with the Department of Defense. Since the original "Dear Colleague" letter in 2016, higher education has been wrestling with making sense of the requirements, identifying potential scope, and implementing the framework in what is often a complex, distributed, and shared ecosystem. This session will provide an overview of CMMC, explore the current status of the CMMC program, discuss practical strategies to help universities and colleges determine how to comply, and discuss why the Gramm-Leach-Bliley Act and Federal Student Aid create an additional business case for NIST 800-171.