Sum IT Up: CMMC News Roundup

February Cyber AB Town Hall Recap

The Cyber AB has once again summoned the CMMC Ecosystem to deliver its monthly update and on this week's show we are going to break it down for you. Join us as we take all the information distributed during the meeting and dish out the information you need to know. Things like: Can my FSO check on my Tier 3? Have we eclipsed the 1,000 assessments milestone? When does a mock assessment stop “mocking”? Updates on the ISACA/ CAICO switchover And so much more...Tune in to find out! Sum It Up: “The End of SPRS Scores (sort of)”: https://youtu.be/_UFN7fubgQY?si=EgtchmuAHti24Cr8 Cyber AB TH Recordings: https://cyberab.org/News-Events/Town-halls ISACA Webinar - CMMC: Requirements, Roles, and Professional Credentials: https://store.isaca.org/s/community-event?id=a33VQ000001otC1YAI ISACA CMMC Page: https://www.isaca.org/credentialing/cmmc

48% vs 9%? The DoD's CUI Numbers Don't Add Up

The DoD Inspector General is raising concerns about CUI marking again and the numbers don't add up. In 2023, the IG found that 48% of reviewed CUI documents lack proper markings. Yet the DoD CUI Program website reports only 9% were unmarked that same year. So which is it? In this episode we break down the latest DoD IG management advisory, where the recommendations fall short, and why the CUI program and the CMMC program (although closely related) are owned by different offices that can't fix each other's problems. For defense contractors, this isn't academic. CMMC enforcement depends on the integrity of the CUI program. If CUI marking is inconsistent, compliance risk increases downstream. Summit 7 Live: https://www.summit7.us/s7live 2026 IG Report: https://www.dodig.mil/reports.html/Article/4397146/management-advisory-dod-policy-and-training-on-dissemination-controls-for-contr/ 2023 IG Report: https://www.dodig.mil/reports.html/Article/3413433/audit-of-the-dods-implementation-and-oversight-of-the-controlled-unclassified-i/

No CMMC, No Contract: Why You're Already Too Late for NAVAIR

CMMC is a condition of contract award and many defense contractors are waiting until they see CMMC requirements in a solicitation to get started. But the department of defense wants the period between solicitation and award to be as short as possible. This week we crunch the numbers on 1,070 upcoming Navy contracts to see what a realistic timeline ought to look like. Summit 7 Live: https://www.summit7.us/s7live PALT Pod 2024: https://youtu.be/NZs4f5voyrg?si=S-xarOpYyiSG00Bs NAVAIR Forecast: https://www.navair.navy.mil/LRAE

The End of SPRS Scores (sort of)

The largest change to DFARS cybersecurity requirements other than CMMC took place on February 1st, 2026, and nobody knew it happened. DFARS 7019 and 7020 have been replaced by DFARS clause 252.240-7997. Basic self-assessments have been eliminated. FAR 52.204-21 has a new number. And none of this went through rulemaking. This week we're diving deep into the mysterious world of class deviations and what they mean for defense contractors moving forward. RFO Website: https://www.acquisition.gov/far-overhaul DFARS RFO Deviations: https://www.acq.osd.mil/dpap/dars/dfars_far_overhaul_class_deviations.html CMMC class deviation: https://youtu.be/vC4IJ2JQ5NU?si=B8I9DII4ZEbQ2dNx 7012 class deviation: https://youtu.be/voziZRAMvv4?si=HxIkpUWnxyergEUQ

Monthly Cyber AB Town Hall Recap (January)

After a brief hiatus, the Cyber AB has gathered the CMMC Ecosystem to deliver its monthly update. On this week's show, we breakdown the information distributed on this month's meeting that you need to know. Things like: • Who is the new DoW CIO? • Pending shutdown and CMMC Impacts • Ecosystem Growth and Certification updates • Does this show count for CPEs? And so much more...Tune in to find out! ISACA Webinar - CMMC: Requirements, Roles, and Professional Credentials: https://store.isaca.org/s/community-event?id=a33VQ000001otC1YAI DAU CMMC microlearning: https://www.dau.edu/acquipedia?combine=cmmc&title=C&field_functional_area_target_id=All&field_topic_area_target_id=All ISACA CMMC Page: https://www.isaca.org/credentialing/cmmc