MISI Defense Industrial Base (DIB) CMMC Cyber Resilience and Threat Information Sharing Program
The U.S. Department of Defense (US DoD) recognizes that security is foundational to acquisition and should not be traded along with cost, schedule, and performance moving forward. The Department is committed to working with the Defense Industrial Base (DIB) sector to enhance the protection of controlled unclassified information (CUI) within the supply chain.
The Office of the Under Secretary of Defense for Acquisition and Sustainment (OUSD (A&S)) has been working with DoD stakeholders, University Affiliated Research Centers (UARCs), Federally Funded Research and Development Centers (FFRDC), and industry to develop the Cybersecurity Maturity Model Certification (CMMC).
As part of MISI's efforts in support of the Department of Defense (DoD) MISI has created a DIB cyber resilience CMMC readiness platform that includes threat sharing and analytics. Threat intelligence is gathered through a variety of sensors deployed in DIB networks throughout the US.
The sensors which include a diverse cross section from commercial vendors send a variety of cyber data back to MISI's continuous cyber threat and CMMC compliance cloud hosted platform that is complimented by a Cloud hosted SIEM that includes threat hunting capabilities.
Threat information sharing is based on threats detected in DIB networks from our cybersecurity sensors and from our threat intelligence partners that include government and commercial sources.
The combined set of threat intelligence resources acts as a real-time resource for the DIB that can be used to respond faster to active cyber threats targeted at the DIB and the DIB supply chain.
More about CMMC:
- The CMMC will review and combine various cybersecurity standards and best practices and map these controls and processes across several maturity levels that range from basic cyber hygiene to advanced. For a given CMMC level, the associated controls and processes, when implemented, will reduce risk against a specific set of cyber threats.
- The CMMC effort builds upon existing regulation (DFARS 252.204-7012) that is based on trust by adding a verification component with respect to cybersecurity requirements.
- About 300,000 companies comprising the global Defense Industrial Base (DIB) must attain CMMC Certification at an appropriate level of cyber maturity, before they can undertake new contracts.