The recent notice of proposed rulemaking for the Cybersecurity Maturity Model Certification (CMMC) program made one thing for certain: the U.S. Department of Defense is serious about external service provider (ESP) security. Under the proposed regulation, U.S. defense contractors will need to pay close attention to their Managed Service Providers (MSPs) and Managed Security Service Providers (MSSPs) who qualify as ESPs to ensure they also achieve and maintain the required level of CMMC compliance.  

While this proposed language raises many unanswered questions, there still are steps U.S. defense contractors can take now to evaluate the maturity of their cybersecurity program and the integral role of their MSP/MSSP.

Attendees joined CMMC experts from Carahsoft, BlueVoyant Government Solutions and Microsoft Federal on May 16th at 2pm ET to discuss best practices for navigating CMMC compliance in partnership with trusted cybersecurity providers.

During this webinar, our experts covered: 

• How likely changes to CMMC regulation will impact MSP/MSSPs
• How to evaluate different MSP/MSSP offerings for CMMC compliance as well as overall cybersecurity and supply chain cyber risk management program needs
• How Microsoft and BlueVoyant are supporting U.S. defense contractors with CMMC compliance management in protected cloud environments