Time
1 hour 17 minutes
Difficulty
Beginner
CEU/CPE
1

Video Transcription

00:00
Let's continue prepping for C MMC. Now let's look at the contracts
00:06
or if peas and how the d o. D will work with them in the sea. MMC World
00:14
First we're gonna see. Does the company size have an effect on the RFP contract?
00:21
Next will review the D. O D contract levels
00:26
that will actually affect the assessment that they are going through.
00:31
Next. We'll review is additional security required by the assessments and then finally, will look at the sea. Why effect on the level of the contract?
00:46
So the D. A. D. Is realized that the larger companies walk, heat, etcetera
00:53
or
00:55
known to have being attacked and everything. So they've
01:00
have the wherewithal, and they've done pretty good job off putting up the walls, multiple firewalls, redundancy and having some pretty good tools to be able to thwart or of these attacks of the D. O. D.
01:19
Has seen that the small and midsize companies are the most vulnerable attack, and I just wanted to know that this just is not in the defense arena. This is the United States wide,
01:34
small and midsize coming cos I have noticed, really, really, or the ones who may have a very small like tea shop,
01:45
and sometimes the budgets are constrained
01:49
and understanding the changing environment. That's out there that the hackers and the more tools available to the hackers at such a low price as well. And also you have. Weaving or not, college students will have games to see who can hack.
02:08
They'll pick a company and see who can get him first as faras across the firewall.
02:14
So
02:15
if you're a small to mid sized company weather, defense or commercial, you should really pay attention as far as the attacks that are coming at you. And the reason D. O. D's really concerned is because of that. See why that
02:34
information that they air passing along to the contractor
02:38
because they do not want that information getting out to the Middle East to China
02:44
so that they can go and replicated China? It has there 2030 vision of being the number one
02:53
I t. Innovative country in the world, and a lot of that it has arisen from the hackers from there being ableto steal our data.
03:07
So the D. O. D. Will have an RFP that will evolve into the contract with the contractor, and each RFP will have a level of security assigned to it. And it's not the size of the firm there basin ITM or on
03:27
the information that they will divulge to the contractor.
03:31
As far as what the level is, there are five levels of security, one being the lowest level and five be the highest level, which is, at 45 some of the other higher end D O D. Projects that they have out
03:52
now. Currently, the are using on level one what they call the forest cause,
03:59
and then across the board, they're using the nest 801 71.
04:06
And it's currently the contractors are supposed to be self assessing
04:14
themselves with these two regulator guides.
04:20
So the whole idea of cybersecurity and the maturity model that they have is protecting the information of the U. S. One.
04:31
It endangers our troops who go abroad, and it also is releasing sensitive information. They give on upper hand to the Chinese and also the Middle East countries
04:49
that we are trying to stay one ahead off and keep secure from
04:58
see why. So that's the controlled, unclassified information
05:03
that the department offense has within each RFP or contract, depending whether it's for a tank for plain a building or whatever. And so
05:17
they released this the contractor, so that they can build the planes and the buildings and munitions etcetera, and it's in this collaboration with the sensitive information that puts the contractors and the U. S at risk.

Up Next

CMMC Overview

This Cybersecurity Maturity Model Certification (CMMC) training provides an overview of how to prepare for future certification, including its requirements and why it is important for contractors working with the Department of Defense.

Instructed By

Instructor Profile Image
Robert Ashcraft
IT Advisor for Regulatory / CMMC Environments at Corporate Visions
Instructor