The DoD (Department of Defense) has scheduled the release of the updated CMMC (Cybersecurity Maturity Module Certification) regulation and the start of formal CMMC certification requirements in DoD contracts for 2023. Any manufacturer engaged in DoD contracts or seeking to obtain DoD contracts must comply with these regulations. In order to assist Delaware manufactures to become aware of the regulations and new changes to the regulation, DEMEP is co- sponsoring a series of webinars designed to familiarize manufacturers with the CMMC regulations. These sessions will provide you timely information how CMMC will impact your businesses and how you can prepare.

Below is a full description of each webinar and a link for registration.

CMMC Level 1 Explained

Feb. 16, 2023

Time: 2-3PM EST

CMMC Level 1 will be required by the majority of companies in the defense industrial base (DIB). For companies needing higher CMMC Levels (2 or 3), Level 1 is the place to start. This session will help you learn the following:

  • What requirements need to be met for Level 1?
  • What data and information needs to be protected?
  • What type of assessment will be required for Level 1?
  • How does Level 1 relate to current requirements for a Supplier Performance Risk System (SPRS) score?
  • When will CMMC Level 1 be required by the DoD?

Please join us for this informative hour to ensure you are on the right track toward CMMC Level 1 compliance.
Register for this event

FCI & CUI- What is It and How to Protect It

March 16, 2023

Time: 2-3PM EST

CMMC was developed in order to protect certain information and data related to DoD programs and contracts. The CMMC certification Level (1, 2 or 3) required is determined by what type of defense-related information your company handles. It is vital that you understand the information to be controlled and protected and, also what steps you must take to meet CMMC requirements. In this webinar, we will clarify the following:

  • What types of information is considered FCI or CUI and how should it be marked?
  • Where does FCI or CUI originate and how might you receive it?
  • How should protected information be handled, identified and controlled?
  • Which CMMC Level(s) will be required for FCI and CUI?
  • Will my organization need to be certified if it does not handle CUI?

Plan to join us to get a handle on the types of information to be controlled by your CMMC program.
Register for this event

CMMC 2.0 Update

April 20, 2023

Time: 2-3PM EST

In 2021, the DoD announced changes to the CMMC program as “CMMC 2.0”. In 2023, the government plans to begin rolling out the requirement for formal CMMC certification through new contractual requirements. Soon, CMMC certification will be a requirement for all defense-related contracts. This webinar will review the latest updates from the DoD on CMMC 2.0. This will include:

  • Changes to the DFARS regulations on CMMC certification
  • How CMMC certification will be specified in DoD contract vehicles
  • The latest timeline for including CMMC in contracts
  • Who will be conducting CMMC assessments and how to contact them
  • What will need to be demonstrated during an assessment in order to be successfully certified

Please plan to join us for the latest updates on CMMC 2.0
Register for this event

CMMC – How to Prepare

May 18, 2023

Time: 2-3PM EST

This year, CMMC starts to take effect. The requirements to become CMMC certified are stringent and can take significant effort and expense. Due to the extensive assessment criteria, your company will need to be well prepared for a successful certification. In this session, we will walk through a roadmap for preparing for CMMC certification. We’ll be discussing:

  • What to include in your scope of certification
  • How to determine the gaps in your current IT technology
  • What skills will be needed on your team and how 3rd-parties can assist
  • How will management and employees need to be involved
  • What are the major milestones on the path to certification
  • How to map to NIST assessment objectives

We’ll be discussing how to get organized in your preparation toward CMMC certification. Please join us for this very practical conversation.
Register for this event

Conducting a CMMC Self-Assessment

June 15, 2023

Time: 2-3PM EST

To avoid wasting time and money as you prepare for CMMC certification, it is important to understand your starting point. A self-assessment is a great tool that can reveal your organization’s strengths and gaps that need to be closed. The challenges with a self-assessment are to have a good understanding of what is required and how well your systems and operational practices match up. We’ll be walking through a self-assessment together in this session that will cover:

  • What standards should you use to prepare a self-assessment?
  • What steps should be followed?
  • Who should be involved?
  • How to correctly determine your current state?
  • How should results be summarized and presented to management?

Join us for this hands-on session to help you get started on your self-assessment.
Register for this event

How to Prepare a CMMC System Security Plan

July 20, 2023

Time: 2-3PM EST

One of the central documents needed for CMMC certification is your System Security Plan (SSP). This detailed document spells out how each of the 110 requirements of NIST SP 800-171 (the foundational CMMC standard) are being met by your organization. Your SSP (System Security Plan) will be one of the first things a CMMC assessor will review for certification and it needs to be done right. This webinar will explain how to build a comprehensive SSP that addresses all of the requirements for CMMC Certification. We’ll cover the following:

  • What is the purpose of an SSP and where do the requirements for this document come from?
  • What are the topics to be addressed and how should it be organized?
  • How detailed should it be for the assessment?
  • Who should be responsible for developing and maintaining the SSP?
  • How often should the SSP be updated?

We’ll be looking inside this foundational CMMC document that can make or break your assessment. Please plan to join us.
Register for this event

The Heavy Lift of CMMC – Documentation

August 17, 2023

Time: 2-3PM EST

To successfully pass a CMMC assessment, you’ll not only need to have the right technologies and follow the right processes, but you’ll have to show your compliance through documentation. The CMMC assessors have been trained that “if it’s not documented, it doesn’t exist”. Proper documentation will be one of the major focuses during your CMMC assessment. In addition to a System Security Plan (SSP), you’ll also need to have policies, diagrams and numerous evidence artifacts to show during your assessment. In this webinar, we’ll lay out a plan to properly document your CMMC program including:

  • What specific documents need to be developed to meet CMMC requirements?
  • What is a Plan of Action and Milestones (POAM) and how should it be used?
  • How many policies and procedures are needed?
  • How should policies be organized and what topics must be included?
  • How should CMMC documentation be controlled and how often should they be updated?

Join us as we look through the various documents that need to be put in place to successfully pass a CMMC assessment.
Register for this event

How to Keep CMMC Affordable

September 21, 2023

Time: 2-3PM EST

For most small businesses, CMMC can become a significant cost in time and money. While it might be considered a cost of doing business with the DoD or prime defense contractors, the ROI can quickly dwindle unless the most affordable options are investigated. This includes various technology alternatives as well as the most efficient processes. In this webinar, we’ll be discussing the costs associated with CMMC certification and where the biggest savings can be found. This will include:

  • The importance of an accurate self-assessment to reveal true gaps
  • The impacts of workflows and scope
  • The choices between upgrading your existing network vs. utilizing a separate enclave to control CUI. 4. What to handle with internal resources and when to use external 3rd-parties
  • How to design your CMMC program for efficiency and cost over the long term

Please join us as we discuss practical ways to save money on your CMMC certification investment.
Register for this event

CMMC With No IT Staff

October 19, 2023

Time: 2-3PM EST

One thing is very apparent with CMMC, it is very technical and will require a high degree of technical skill to do it properly. But, many small businesses don’t have a dedicated IT staff, or their IT team has no hands-on experience with meeting technical standards. How can a business with limited or no IT staff achieve CMMC certification? In this session, our team will explain the technical resources and skills needed to prepare for a CMMC certification. We’ll address:

  • Which CMMC requirements involve technology and which are organizational processes?
  • What technical decisions will companies face when preparing for CMMC?
  • In what cases can an external IT expert be helpful?
  • Can CMMC certification be achieved without an IT staff on the payroll?
  • What are the pros and cons of hiring your own IT staff?

Join this informative session as we discuss the “IT skills-gap” common to so many small businesses.

Register for this event

CMMC Assessments – What to Expect

November 16, 2023

Time: 2-3PM EST

To become CMMC Level 2 certified, you’ll need to pass a CMMC assessment by a 3rd-party assessment company called a C3PAO. CMMC assessments are highly detailed and require demonstrable evidence that you meet each of the NIST SP 800-171 controls. In order to be certified, all 320 control objectives must be met. In this session we’ll be pulling back the curtain on a CMMC assessment. We’ll be uncovering important details such as:

  • How is a CMMC assessment conducted and who will need to participate?
  • What objective evidence will the assessor look for?
  • How long will a CMMC assessment take and what will it cost?
  • How should you choose your C3PAO to conduct the assessment?
  • Who will make up the CMMC assessment team?

Join us as we peek into the details of a CMMC assessment to help you be well prepared.
Register for this event