By early 2025, we expect the CMMC Final Rule (32 C.F.R.) to be published and CMMC assessments to be underway. Although the CMMC Program will be applicable to the MSP/MSSP industry, it is not requiring certification of the MSPs who service Defense Industrial Base customers to the same standard as their customers. But what does it mean for MSPs to implement the NIST 800-171 r2 standard on their customer’s behalf and participate in their customer assessments? Is that really going to be less expensive in money, resources and time, than obtaining their own CMMC Level 2 Certification?
There are many ambiguous areas of CMMC that we need clarification on, with the potential of even more regulatory guidance via an update to 48 C.F.R. that may arrive in the same window of time.
This session will review the 32 CFR guidelines for MSPs, and present the updated findings in a digestible way for our industry to action upon. Be sure to register today!
Joy Beland Biography:
Joy Beland serves as the VP of Partner Strategy and Cybersecurity Education at Summit 7, leveraging her knowledge of the CMMC ecosystem and wide reach of partnerships through her 29-year career in IT and cybersecurity. Before joining Summit 7, Joy served as Senior Cybersecurity Consultant and Professional Instructor at Edwards Performance Solutions, actively participating in CMMC readiness assessments while overseeing the curriculum development and instructor training for the Cyber-AB Approved CCP and CCA certification courses. Joy also served as CEO of her own MSP practice in the greater Los Angeles area for 21 years.