Skip to content
PodcastsGovernmentSum IT Up: CMMC News Roundup

Sum IT Up: CMMC News Roundup

Summit 7
Sum IT Up: CMMC News Roundup
Latest episode

166 episodes

  • Sum IT Up: CMMC News Roundup

    CMMC Phase 2 Is Suspended... But Contractor Liability Just Went UP

    2026/07/16 | 23 mins.
    Miss the CUI Hotline Telethon? Watch it on-demand: https://summit7.us/event/secure-the-dib-telethon



    The DoD has suspended the November 2026 transition to Phase 2 of CMMC implementation, but that doesn't mean cybersecurity requirements have been relaxed.



    In this episode, we explain what actually changed, what didn't, why Level 2 self-assessments now matter more than ever, and how contractors could expose themselves to significant False Claims Act liability if they misunderstand the news.



    We also discuss the 60-day CMMC program review, the DoD's Request for Information, and what defense contractors should focus on moving forward.



    Phase 2 Announcement: https://www.war.gov/News/Releases/Release/Article/4542329/forging-the-arsenal-of-freedom-department-of-war-suspends-cmmc-phase-ii-require/



    Phase 2 Blog: https://summit7.us/blog/cmmc-phase-2-suspended-with-60-day-review-what-happens-next



    32 CFR 170.16: https://www.ecfr.gov/current/title-32/section-170.16



    32 CFR 170.22: https://www.ecfr.gov/current/title-32/subtitle-A/chapter-I/subchapter-G/part-170/subpart-D/section-170.22



    False Claims Act: https://youtu.be/T5wJYnQzWws?si=pn8iwA7_8Ys_wvdq
  • Sum IT Up: CMMC News Roundup

    Last Chance to Influence the FAR CUI Rule

    2026/07/09 | 17 mins.
    Register for Secure The DIB: https://summit7.us/event/secure-the-dib-telethon



    The public comment period for the proposed FAR CUI rule closes on July 23, making this your last opportunity to influence one of the biggest cybersecurity changes coming to federal contracting.



    Simply supporting or opposing the rule isn't enough. In this episode, we break down the Government's own guidance for writing effective public comments and explain the seven principles that make comments persuasive.



    You'll learn the common mistakes to avoid, how to build evidence-based arguments, and how to give regulators constructive recommendations they can actually use.



    Whether you're planning to comment on the FAR CUI rule or want to better understand how federal rulemaking works, this episode will help you make your comment count before the deadline.



    Register for Summit 7 Live: https://www.summit7.us/s7live



    FAR CUI Rule: https://www.federalregister.gov/documents/2026/06/23/2026-12559/federal-acquisition-regulation-revolutionary-federal-acquisition-regulation-overhaul-parts-1-2-4-33



    GSA Comment Guidance: https://www.regulations.gov/commenting-guidance
  • Sum IT Up: CMMC News Roundup

    There Are Enough CMMC Assessors, Contractors Just Aren't Ready

    2026/07/02 | 10 mins.
    Another 279 companies achieved CMMC Level 2 certification in June 2026, bringing the total to 1,717 certified organizations.



    That's a record month and far ahead of DoD's original projections. But the data also shows something surprising: the industry still isn't using all of its available assessment capacity.



    In this episode, we break down the latest Cyber AB numbers, explain our assessment capacity methodology, and discuss why contractor readiness, not assessor availability, remains the biggest constraint on CMMC adoption.



    Topics covered:



    • June 2026 CMMC Level 2 certification numbers



    • Available CMMC assessment capacity



    • Why the assessor shortage narrative doesn't match the data



    • The connection between CMMC readiness and DFARS 252.204-7012 compliance



    • What these trends could mean for the rest of the phased rollout



    Have questions? Contact us: https://summit7.us/



    Register for Secure The DIB: https://summit7.us/event/secure-the-dib-telethon



    Monthly Cyber AB Town Hall: https://cyberab.org/News-Events/Town-Halls/pager/7916/page/2
  • Sum IT Up: CMMC News Roundup

    A Perfect SPRS Score Turned Into a $507K Settlement

    2026/06/25 | 13 mins.
    The DOJ has announced its first cybersecurity False Claims Act settlement of 2026, and the details should get every defense contractor's attention.



    In this episode, we break down the LOGZONE settlement, the difference between DFARS 252.204-7012 and CMMC, how a perfect SPRS score became a DIBCAC assessment score of -170, and why this case may be a preview of additional enforcement actions still working their way through the system.



    Topics covered:

    • LOGZONE FCA settlement details

    • DFARS 252.204-7012, 7019, and 7020

    • SPRS self-assessment scores

    • DIBCAC medium assessments

    • Why no whistleblower was required

    • What this means for defense contractors moving forward



    Settlement and source documents linked below.



    Register for Secure The DIB: http://summit7.us/event/secure-the-dib-telethon



    Register for Summit 7 Live: https://www.summit7.us/s7live



    DOJ Settlement: https://www.justice.gov/opa/pr/alabama-defense-contractor-agrees-pay-507144-resolve-false-claims-act-liability-relating



    DoD IG + DOJ (2023): https://youtu.be/_3GLX6ele_E?t=448



    FCA pod w/ Alexander Canizares: https://youtu.be/Tga0krfIrEk?si=i6E2FuLY7QLNGmos



    FCA pod w/ Stephanie Siegmann: https://youtu.be/d1yweDy2wV4?si=drOwbWxBm9GAlh38



    FCA w/ Bruce Judge: https://youtu.be/tqT_5yQBlOk?si=xgmqev-87KTKpxUJ
  • Sum IT Up: CMMC News Roundup

    What 2,005 Votes Revealed About Why Organizations Struggle With CMMC

    2026/06/18 | 20 mins.
    Register for Secure The DIB: https://www.summit7.us/secure-the-dib-telethon



    Over the last two months, we ran the CMMC Challenge Bracket.

    Eight matchups, 907 participants, 2,005 votes.

    The winner? Leadership Buy-In.

    But the final standings were only part of the story.

    In this episode, we break down the voting trends, coalition shifts, and comment analysis to understand what the community actually believes is holding organizations back from CMMC success.
More Government podcasts
About Sum IT Up: CMMC News Roundup
It's difficult to keep up with all of the moving parts that make up the Department of Defense's Cybersecurity Maturity Model Certification Program. It's even more difficult to keep up with the relevant bits and bites that influence CMMC. This weekly podcast sums up the news and developments relevant to CMMC; DFARS and other regulations; and NIST standards such as SP 800-171, SP 800-53, the NIST Cybersecurity Framework, and others.
Podcast website

Listen to Sum IT Up: CMMC News Roundup, Real Problem with Chester Missing and many other podcasts from around the world with the radio.net app

Get the free radio.net app

  • Stations and podcasts to bookmark
  • Stream via Wi-Fi or Bluetooth
  • Supports Carplay & Android Auto
  • Many other app features
Sum IT Up: CMMC News Roundup: Podcasts in Family