At long last the DIB Cybersecurity Strategy has officially been released and it's ... not great. One thing is clear: CMMC is a key part of the DoD's strategy and there are many DoD resources specifically designed to help contractors deal with it. Instead, the DoD is focused on coordination, communication, and threat intelligence sharing.
Episode Links:
DIB Cyber Strategy: https://www.defense.gov/News/Releases/Release/Article/3723439/dod-releases-defense-industrial-base-cybersecurity-strategy/
GCC: https://www.cisa.gov/resources-tools/groups/government-coordinating-councils
SCC: https://www.cisa.gov/topics/critical-infrastructure-security-and-resilience/critical-infrastructure-sectors/defense-industrial-base-sector/sector-charters-and-membership
CIPAC: https://www.cisa.gov/resources-tools/resources/cipac-2022-charter
NSA Enduring Security Framework: https://www.nsa.gov/About/Cybersecurity-Collaboration-Center/Enduring-Security-Framework/