Did you know the Defense Industrial Based Cybersecurity Assessment Center (DIBCAC) posted slides about what NIST SP 800-171 requirements were “Other Than Satisfied”?  These are the DIBCAC Gaps.

In this episode of As the CMMC Churns we will take a look at the DIBCAC Gaps report they posted and then take a look into the 5 requirements we think have the biggest bang for the buck to fix.

We are going to run into some not surprising reasons–if you’ve watched other CMMC Churns episodes–why the requirements are failing for OSCs under the commonly found DIBCAC Gaps.

If you want to see the original slides from DIBCAC, they are available at https://view.officeapps.live.com/op/view.aspx?src=https%3A%2F%2Fwww.dcma.mil%2FPortals%2F31%2FDocuments%2FDIBCAC%2FDIBCAC_Top_OTS_Reqts.pptx

Upcoming “As the CMMC Churns” Episodes:

  • 16 Feb: Tips about FIPS
  • 23 Feb: We’ll be at CUI-CON (https://cui-con.com)
  • 2 Mar: Vulnerability Management for Remote Workers

Key CMMC Sites

Key References

Key Acquisition References

Other Key Sites