Cyber Insurance, NIST SP 800-171, and CMMC 2.0

  • Published on 25 Sep 2022
  • In this session from #CS2DC hear from Robert Metzger - Mitre Consultant, Co-Author 'DELIVER UNCOMPROMISED,' Renowned Attorney:
    Cyber insurance is for enterprise protection. #CMMC is for #DoD compliance. Insurers are becoming increasingly rigorous in the “due diligence” they conduct of companies before they write cyber insurance. Coverage prices are going up, limits are coming down, and exclusions are increasing. Some companies are finding they can’t afford the coverage offered, while others can’t get coverage at all. This session will explore what companies can do to preserve the insurance they have, demonstrate security that insurers now are likely to expect or demand, while fitting these near-term actions into the measures and plans of action that will prepare for CMMC assessment and certification requirements. The objective is to align actions taken now to get and keep cyber insurance coverage with parallel actions for CMMC readiness.
    To learn more about CS2 - Cloud Security and Compliance Series visit: cs2.cloud/
  • Science & Technology

Comments • 2

  • @Alex-xx3yc
    1 year ago +1

    Excellent presentation with real world advice. Been dealing with insurance x compliance for multiple companies and using a similar approach. Starts at security w insurance and bridge the gap w compliance.

  • @apstech4618
    1 year ago +1

    Hogwash. To be perfectly clear: The DOD OWNS their own CUI. For them to then try and push both the responsibility and costs on storage and handling onto third parties (Primes and Subs), while expecting the "landlords" to eat the costs upon a promise of a potential contract later, is just not workable.
    Since the Federal Government is now obsessed with pronoun usage, if the Federal Government wants to carry out THEIR "Constitutionally Mandated obligations to secure OUR Nation", then THEY must understand the fact that THEY own the CUI, and THEY dictate the controls and storage of CUI, and therefore THEY will pay to have those controls and storage implemented for THEIR OWN CUI.
    None of the CMMC Regulation for Accountability makes any sense because the DOD is obviously trying to offload National Security back onto the people they are taxing and tasked with securing.
    The CMMC boondoggle IS the equivalent of telling companies to hire their own consultants to figure out ways to defend their airspace with homemade anti-aircraft missiles.
    National defense IS the sole province of the Federal Government. It cannot be shrugged-off back onto the people the government is supposed to be defending.