2025 events

On December 16, 2024 the Department of Defense (DoD) finalized the new cybersecurity requirements for small federal contractors.  Audits conducted by the Defense Contract Management Agency (DCMA) found ten key deficiencies in contractor programs.  Each deficiency  will have it's own webinar.  Selected solutions providers have been invited to participate.

• CUI 3.13.11, FIPS validated cryptography is available from Fortinet, Sonicwall and Palo Alto.  This is a #1 deficiency.
• CUI 3.11.1, Risk Asssessment.  Cybersecurity risk assessment is defined by the NIST 800-53 RA-3 safeguard.  An expert system AI implementation off RA-3 has been audited more than 400 times.

In addition a separate webinar will help on the difficult issue of incident response.  As US defense contractors, there really are people out to get you.  Webinars will be held roughly at monthly intervals.

On December 16, 2024 the CMMC 2.0 cybersecurity rules became final and official.  Contract details involving CMMC 2.0 are expected to be final in Q1 and start showing up in contracts and contract renewals by mid-year.  While as many as 30% of federal contractors may leave the market, how feasible is CMMC 2.0 compliance for the 70% of contractors who would like to stay?  Especially since the median size federal contractor has only 4 staff.  To dig into the real details of CMMC 2.0 implementation, ACR 2 Solutions has rewired a network segment at its Lilburn, GA office to meet both CMMC Level 1 and Level 2 requirements for 4 employees, 3 local and 1 remote.  For the next 12 months, ACR 2 will be recording the successes, failures and unexpected events of a 4 person office attempting CMMC 2.0 compliance.  Join us Mar 26 to discuss CMMC 2.0 network setup, SSP preparation, filing of initial DoD Assessment scores, and unexpected events as they occur.  Free registration at https://attendee.gotowebinar.com/register/1031061975872049240