Currently defense contractors who receive or create Controlled Unclassified Information (“CUI”) from or for the U.S. Department of Defense (“DoD”) are subject to several contract-based cybersecurity requirements, including the implementation and assessment of the NIST Special Publication (“SP”) 800-171. By the second quarter of 2023, the DoD expects to issue either an interim or final rule to establish a regime of third-party assessments of implementation of the NIST SP 800-171 called the Cybersecurity Maturity Model Certification (“CMMC”). This represents a major compliance and technical challenge for the entire Defense Industrial Base (“DIB”), one which both domestic and foreign contractors will need to address.
In this 60-minute webinar Alex Trafton of Ankura’s National Security, Trade, & Technology practice will engage in a discussion with Liza Craig, Partner, Goodwin Procter LLP, and Urban Lyxen Bervelius, Security Compliance Officer from Saab (Sweden) to cover the most common challenges defense contractors face in implementing the NIST SP 800-171/CMMC and how Saab has built governance and technical solutions to meet the requirements of CMMC. This webinar will provide a unique perspective to CMMC compliance which will provide valuable insight to both technical and non-technical stakeholders including executives, CISOs, in-house counsel, compliance officers, and IT personnel. The webinar will be extremely valuable for non-U.S. defense contractors who will also be subject to DFARS/CMMC requirements but will not have access to the same security solutions available to U.S.-based defense contractors.
• What are the current and future cybersecurity requirements for defense contractors;
• Identifying and managing CUI;
• Aligning governance and technical requirements;
• Harmonizing export control and CUI requirements;
• Designing and implementing enclave solutions;
• Effective messaging to leaders to get the resources required.