In this episode Eric Poppe, a Director in Cherry Bekaert’s Government Contractor Industry practice, leads a panel discussion on the current state of the Department of Defense (DoD) Cybersecurity Maturity Model Certification (CMMC) 2.0 program. He and the panel draw from the Firm’s own experience with the assessment process, having undergone a Level 2 assessment to receive authorization from the Cybersecurity Maturity Model Certification (CMMC) Accreditation Body, Inc. (The Cyber AB) as a CMMC Third-Party Assessment Organization (C3PAO).

Listen in to hear from Neal Beggan, Partner and leader of Cherry Bekaert’s Risk Advisory and Information Technology Audit Group, Matthew Schiavone, Managing Director and Brian Kirk, Senior Manager, from the Firm’s Information Assurance & Cybersecurity Practice as they share insights into:

• Current state of CMMC
• Status of the Final Rule – Defense Federal Acquisition Regulation Supplement (DFARS) Clause 252.204.7021, or the “CMMC Clause”
• What we are seeing in contracts
• What a C3PAO means
• Assessment pitfalls
• Joint Surveillance Voluntary Assessments program in partnership with the Defense Industrial Base Cybersecurity Assessment Center (DIBCAC)

Catch up on Cherry’s Bekaert’s previous guidance pertaining to CMMC 2.0:

• Podcast: What’s New with CMMC 2.0?: August 2022 Update
• Podcast: CMMC 2.0 Brings Major Program Changes
• On-demand webinar: CMMC 2.0 Brings Major Program Changes

If you have any questions regarding CMMC, Cherry Bekaert’s Information Assurance & Cybersecurity and Government Contracting advisors are available to discuss your situation with you.

View all Government Contracting Podcasts