Applying Zero Trust Strategy to CMMC Identity and Authorization Levels
In this webinar you will learn:
- How this correlates to the distinct CMMC levels and how you can educate yourself further
- How CMMC incorporates NIST standards, including NIST SP 800-171 and SP 800-53
- How to use Zero Trust principles to start your CMMC journey
- What to anticipate and prepare for requirement RFPs coming later this year
The Office of the Under Secretary of Defense for Acquisition & Sustainment and OSD Chief Information Officer introduced the Cybersecurity Maturity Model Certification (CMMC) framework in order to assess and enhance the cybersecurity posture of the Defense Industrial Base (DIB). CMMC is designed as a maturity model standard for DIB companies to implement appropriate cybersecurity practices and processes to protect Federal Contract Information (FCI) and Controlled Unclassified Information (CUI) within their unclassified networks. It is estimated that more than 300,000 companies and research universities hold defense contracts working with controlled unclassified information (CUI) and Federal Contract Information (FCI).
Federal vendors, contractors, and universities are conducting their NIST SP 800-171 Self-Assessments while preparing for future CMMC audits. Most organizations will need to meet at least Level 3 Maturity, which requires multi-factor authentication (MFA) as the first line of defense for secure access. Duo Security has worked hard to prepare federal customers and contractors to meet this requirement while also implementing zero-trust best practices to provide admins with better control and users with a more consistent and convenient experience.
Join the first session in our CMMC series with Duo Advisory CISOs Helen Patton and Cisco Senior Federal Strategist Andrew Stewart to get an introduction to CMMC, learn what you need to prepare your organization, and how the zero-trust access model enabled by Duo improves your speed-to-security along the way!
Presenter Info
Helen Patton, Advisory CISO, Duo Security at Cisco
Helen knows security is the basis of organizational resiliency, and has spent 20+ years in consulting, banking and higher education leading security programs and sharing security strategies.
Andrew Stewart, National Security and Government Senior Strategist for Cybersecurity, Cisco
Andrew D. Stewart is a National Security and Government Senior Strategist for Cybersecurity at Cisco Systems, Inc. He works across Cisco’s Global Government practice but focuses primarily on National Defense and Intelligence. He has been with Cisco for the last 3 years after retiring from almost 30 years in the U.S. Navy where he last served as the Chief of Cyber Operations for Fleet Cyber Command/U.S. TENTH Fleet. He also served as the Commanding Officer and Program Manager of the Navy Cyber Warfare Development Group (NCWDG). He is a graduate of the Sellinger School of Business, Loyola University Maryland and the Cybersecurity and Policy Executive Program from the Harvard Kennedy School. He is also a graduate from the Naval Postgraduate School Monterey, CA, the United States Naval Academy, the National Defense University, and the Naval War College.