CMMC Accreditation Body Rebrands as “CyberAB”
The CMMC-ABs new website leans into conflicts of interest and blatantly false claims regarding accreditation.
Category: CMMC
BREAKING: Katie Arrington Resigns
The former architect of the doomed CMMC 1.0 cybersecurity program has resigned.
DODIG Shuts Down CMMC “Omnibus” Complaint Providing No Justification
DODIG claimed they were unauthorized to release documentation, despite Oxebridge never having asked them to.
BREAKING: DoD Eliminates Katie Arrington’s Position, Shifts CMMC to CIO
The Pentagon has scuttled the CISO position previously held by Arrington, and taken away control of CMMC from her cronies at OUSD A&S.
After Undisclosed Settlement Agreement, Arrington Lawsuit Dismissed with Prejudice
Arrington’s suspension remains in effect, while she is prohibited from re-filing a lawsuit in the matter.
Cask Criminal Sentencing Delayed Until June 2022, as Prosecutors Pursue “Big Fish”
The move suggests Federal prosecutors are preparing to move against senior officials at Cask.
No, CMMC C3PAOs Will Not Be Allowed to Provide Level 1 Self-Assessments for Clients
The CMMC Accreditation Body’s promise to provide contract CMMC self-assessments would violate ISO 17021-1.
“CUI: CMMC Under Investigation” Interview with Chris Paris
I sat down for a lively interview with US Army Major and cybersecurity expert Leslie Weinstein to discuss accreditation within the CMMC scheme.
CMMC 2.0: Key Takeaways and a Call for Rational Calm
Don’t panic, stop spending, avoid the sunk-cost fallacy, and pay attention to the critics who have been consistently right since Day One.
DoD CIO to Take Over CMMC, While Accreditation Body Contract Will “Lapse as Moot”
CMMC-AB may be allowed to credential trainers and assessors, but not accredit C3PAOs.
DoD’s Arrington Sues Federal Gov for Failure to Provide Her Due Process, Doesn’t Wait for Due Process
Complaint claims that after five months, no action was taken on Arrington’s security clearance suspension, but DoD procedures allow for a minimum processing time of six months, with no upper limit.
DOD CMMC Rep Confirms IG Investigation, Declines to Provide Updates on Reciprocity or “Home Inspection” Rule
The DOD won’t release updates on FedRAMP, ISO 27001 reciprocity with CMMC, nor provide the promised CIO ruling on inspections of private residences for CMMC compliance.
