Cyber AB Townhall: National Cybersecurity Strategy and CAICO Updates
The monthly Cyber AB town hall for March took place on Tuesday, March 28th.
2 Minutes Read
The monthly Cyber AB town hall for March took place on Tuesday, March 28th.
Key Takeaways:
- While we are waiting for rulemaking to finalize, your organization's CMMC efforts should not.
- The National Cyber Strategy key principles directly align with the CMMC model and it’s intended outcomes.
- CAICO Director Kyle Gingrich provides an update for the Cybersecurity Assessor and Instructor Certification Organization (CAICO)
Agenda:
- CEO Welcome and Update
- CAICO Corner
- Extended Q&A
CEO Welcome and Update
CEO Matt Travis provided updates regarding the Joint Surveillance Voluntary Assessments (JSVA) program. The program is proving successful, as the number of active or completed assessments is now at 17 with dozens of organizations on the waiting list to be selected.
While we are waiting for rulemaking to finalize, your organizations CMMC efforts should not.
It is imperative that those organizations begin preparing for their assessments and seek guidance and support from experts within the CMMC ecosystem and from C3PAO's.
Travis also drew attention to the recently released National Cyber Strategy, which reinforces the principles that CMMC aims to achieve. These principles include:
-
- Establishes minimum cybersecurity requirements for critical infrastructure.
- Rebalances the responsibility to defend and places appropriate burdens on industry.
- Re-aligns incentives to favor a long-term resolution.
- Utilizes existing cybersecurity frameworks (NIST 800-171)
- Designed to support the harmonizing of regulations across the government landscape. (CUI protections to extend into areas other than the DoD)
- The scaling of PUBLIC-PRIVATE collaboration.
- Holds data stewards accountable for protection.
- Leverages federal procurement to improve accountability.
- Updates have been made to the Cyber AB Website/ Platform to increase performance and to allow for international contributors to the ecosystem access to necessary assets.
- Matt Travis will be at the 2023 RSA Conference for the entire event, and CMMC presentation will be a part of the Public Sector Day of the event which will be April 24th.
CAICO Corner
CAICO Director Kyle Gingrich joined the meeting this month to provide an update on behalf of The Cybersecurity Assessor and Instructor Certification Organization (CAICO). Among the updates delivered were the following:
- Provisional Assessors (PAs) must earn their CMMC Certified Professional (CCP) by April 19th or they lose their provisional status and the associated benefits of the provisional program
- Additionally, Provisional Assessors (PAs) must earn their CMMC Certified Assessor (CCA) by June 16th or they lose their provisional status and the associated benefits of the provisional program
- Among the benefits of the PA program is the establishment of suitability to perform CMMC Assessments. PAs are already deemed suitable and will be required to perform three assessments before becoming a CCA.
- However, NON-PA’s, will still be required to perform three CMMC Assessments to establish suitability. The CAICO is working on a program to accelerate this requirement. Details are coming soon.
Extended Q&A
During this period of extended Q&A members of the Cyber AB and The CAICO answered questions from the audience regarding CMMC. Some of the topics covered included:
- Delayed support times for tickets submitted via the Cyber AB website.
- Rulemaking
- Requirements for credentialed designations such as the RP, CCP, CCA, and CCI.
To view the complete Q&A portion of the Cyber AB Town hall, visit: March 2023 Town Hall - CyberAB
The next Cyber AB Town Hall is scheduled to take place on Tuesday April 25th.
Previous Town Halls are available here.
