A Practical Guide to CMMC Compliance

The Cybersecurity Maturity Model Certification (CMMC) is reshaping cybersecurity expectations. With evolving requirements and uncertainty around assessments, many universities and research institutions struggle to interpret expectations and prepare effectively. Whether you're just starting the CMMC journey or are preparing for an assessment, this session provides clarity, practical solutions, and a roadmap to move forward with confidence. Since 2019, CMMC has introduced new compliance challenges, particularly for Higher Education Institutions (HEIs) and research organizations balancing security requirements with academic and operational priorities. Drawing from extensive experience supporting HEIs and research institutions, this session's presenters offer insights into what assessors look for, common pitfalls, and strategies to streamline compliance while maintaining institutional priorities. This session breaks down CMMC’s structure, terminology, and assessment process into simple, actionable terms. Participants will learn how to interpret CMMC requirements, prepare for assessments, and track compliance readiness. Real-world examples highlight how HEIs have successfully built enterprise-wide CMMC programs, secured research environments, and tackled challenges unique to decentralized institutions. Additionally, you will receive the CMMC Progress Tracker, a free tool designed to help organizations track progress, identify gaps, and stay on course toward certification.