search menu icon-carat-right cmu-wordmark

Subject: Cybersecurity Maturity Model Certification (CMMC)

Beyond NIST SP 800-171: 20 Additional Practices in CMMC

Beyond NIST SP 800-171: 20 Additional Practices in CMMC

• SEI Blog
Andrew Hoover

Katie Stewart co-authored this blog post. In November, defense contractors will be required to meet new security practices outlined in the Cybersecurity Maturity Model Certification (CMMC). As this post details, while the primary source of security practices in the CMMC is NIST Special Publication 800-171, the CMMC also includes 20 additional practices beyond 800-171 at levels 1-3. These 20 practices are intended to make DoD contractors more security conscious. Supply chain attacks are increasing at...

Read More
Cybersecurity Maturity Model Certification (CMMC) Part 2: Process Maturity's Role in Cybersecurity

Cybersecurity Maturity Model Certification (CMMC) Part 2: Process Maturity's Role in Cybersecurity

• SEI Blog
Andrew Hoover

Katie Stewart co-authored this blog post. Process maturity represents an organization's ability to institutionalize their practices. Measuring process maturity determines how well practices are ingrained in the way work is defined, executed, and managed. Process maturity represents an organization's commitment to and consistency in performing these practices. A higher degree of process institutionalization contributes to more stable practices that are able to be retained during times of stress. In the case of cybersecurity, having mature...

Read More
The Latest Work from the SEI: DevSecOps, Artificial Intelligence, and Cybersecurity Maturity Model Certification

The Latest Work from the SEI: DevSecOps, Artificial Intelligence, and Cybersecurity Maturity Model Certification

• SEI Blog
Douglas C. Schmidt

As part of an ongoing effort to keep you informed about our latest work, this blog post summarizes some recently published SEI reports, podcasts, conference papers, and webcasts highlighting our work in DevSecOps, cybercrime and secure elections, software architecture, trustworthy artificial intelligence, and Cybersecurity Maturity Model Certification (CMMC). We have also included a webcast of a recent discussion on Department of Defense (DoD) software advances and future SEI work. These publications highlight the latest work...

Read More
An Introduction to the Cybersecurity Maturity Model Certification (CMMC)

An Introduction to the Cybersecurity Maturity Model Certification (CMMC)

• SEI Blog
Katie C. Stewart

Andrew Hoover co-authored this blog post. A recent study predicted that business losses due to cybercrime will exceed $5 trillion by 2024. The threat to the Defense Industrial Base (DIB)--the network of more than 300,000 businesses, organizations, and universities that research, engineer, develop, acquire, design, produce, deliver, sustain, and operate military weapons systems--is especially alarming due to current cyber warfare activities by cybercriminals and state-sponsored actors. A cyber attack within the DIB supply chain could...

Read More