Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
Already have an account? Sign In »
Let's continue prepping for C MMC. Now let's look at the contracts
or if peas and how the d o. D will work with them in the sea. MMC World
First we're gonna see. Does the company size have an effect on the RFP contract?
Next will review the D. O D contract levels
that will actually affect the assessment that they are going through.
Next. We'll review is additional security required by the assessments and then finally, will look at the sea. Why effect on the level of the contract?
So the D. A. D. Is realized that the larger companies walk, heat, etcetera
known to have being attacked and everything. So they've
have the wherewithal, and they've done pretty good job off putting up the walls, multiple firewalls, redundancy and having some pretty good tools to be able to thwart or of these attacks of the D. O. D.
Has seen that the small and midsize companies are the most vulnerable attack, and I just wanted to know that this just is not in the defense arena. This is the United States wide,
small and midsize coming cos I have noticed, really, really, or the ones who may have a very small like tea shop,
and sometimes the budgets are constrained
and understanding the changing environment. That's out there that the hackers and the more tools available to the hackers at such a low price as well. And also you have. Weaving or not, college students will have games to see who can hack.
They'll pick a company and see who can get him first as faras across the firewall.
if you're a small to mid sized company weather, defense or commercial, you should really pay attention as far as the attacks that are coming at you. And the reason D. O. D's really concerned is because of that. See why that
information that they air passing along to the contractor
because they do not want that information getting out to the Middle East to China
so that they can go and replicated China? It has there 2030 vision of being the number one
I t. Innovative country in the world, and a lot of that it has arisen from the hackers from there being ableto steal our data.
So the D. O. D. Will have an RFP that will evolve into the contract with the contractor, and each RFP will have a level of security assigned to it. And it's not the size of the firm there basin ITM or on
the information that they will divulge to the contractor.
As far as what the level is, there are five levels of security, one being the lowest level and five be the highest level, which is, at 45 some of the other higher end D O D. Projects that they have out
now. Currently, the are using on level one what they call the forest cause,
and then across the board, they're using the nest 801 71.
And it's currently the contractors are supposed to be self assessing
themselves with these two regulator guides.
So the whole idea of cybersecurity and the maturity model that they have is protecting the information of the U. S. One.
It endangers our troops who go abroad, and it also is releasing sensitive information. They give on upper hand to the Chinese and also the Middle East countries
that we are trying to stay one ahead off and keep secure from
see why. So that's the controlled, unclassified information
that the department offense has within each RFP or contract, depending whether it's for a tank for plain a building or whatever. And so
they released this the contractor, so that they can build the planes and the buildings and munitions etcetera, and it's in this collaboration with the sensitive information that puts the contractors and the U. S at risk.
Understanding the CMMC v.07 Framework