Session Abstract: The Cybersecurity Maturity Model Certification (CMMC) framework is governed by the U.S. Department of Defense. Conformity to this framework is required by October 1, 2025, yet many are still struggling to understand how to make sense of the required controls. In this session, attendees will walk away with a better understanding of how to prepare for CMMC Assessments, including how to tally up their scores. Attendees will also learn how the efforts of CMMC can help with conforming to other federated standards, such as GLBA and NSPM-33. Attendees will also get a glimpse into UArizona’s efforts in managing this endeavor.

Summary: This session will provide attendees with a high-level overview to prepare for assessments under the Cybersecurity Maturity Model Certification (CMMC) framework. Attendees will walk away with actionable knowledge to prepare for the CMMC or other federated standards.

Additional Information: Attendees of this session should have a basic understanding of the Cybersecurity Maturity Model Certification framework as well as the National Institute of Standards and Technology Special Publications 800-171 and 800–53. Attendees without this basic knowledge will still glean valuable information they can take back to their colleagues but may find it a challenge to keep up with the terminology.