Section 1648 of the NDAA for FY 2020 (Pub. L. 116-92) required that the Department of Defense (DoD) develop a consistent, comprehensive framework to enhance the cybersecurity of the United States Defense Industrial Base (DIB).  DFARS Case 2019-D041; Strategic Assessment and Certification Cyber Security Requirements implements a DoD assessment Methodology and Cybersecurity Maturity Model Certification (CMMC) framework in order to assess contractor implementation of cybersecurity requirements and enhance the protection of unclassified information within the DoD supply chain.  The theft of intellectual property and sensitive information from all U.S. industrial sectors due to malicious cyber activity threatens U.S. economic and national security. The aggregate loss of intellectual property and certain unclassified information from the DoD supply chain can undercut U.S. technical advantages and innovation, as well as significantly increase risk to national security.  The DoD Assessment Methodology and the CMMC Framework is expected to enhance the protection of FCI and CUI within the DIB sector. 

This training session provides an overview of CMMC and the NIST SP 800-171 DoD Assessment Methodology as it relates to DFARS Clause 252.204-7012.