Building My Business Webinar Series

January 2025

CMMC is Here! What Does It Mean for MSPs?
4 p.m. Eastern, Thursday, Jan. 9

Mark Jennings, founder, OTX Partners

The Cybersecurity Maturity Model Certification (CMMC) program final rule is in the books. After more than five years in development, we now know exactly what is required of contractors in the defense industrial base (DIB) in order to secure contracts with the U.S. Department of Defense. More importantly for MSPs, we now know how IT managed services fit into the program. For the first time, MSPs are directly connected to their clients' compliance requirements regarding the services they provide. Stipulations within the rule specifically state that the services and assets of external service providers, which include MSPs, are within the scope the contractor's CMMC Assessment. Failure of an MSP to provide adequate documentation and evidence of compliance with the requirements will cause the contractor to fail its CMMC Assessment, a costly mistake. This can put millions, if not billions, of dollars at risk for the contractor. Contractors in the DIB will be more selective of the MSPs they hire, ensuring they can provide evidence of compliance. In some cases, contractors will require full CMMC Level 2 certification of their MSPs.

What You Will Learn:

• Details of the CMMC program and what it entails
• The underlying set of controls that must be in place to meet the certification requirements
• What it means to be compliant
• How MSPs fit into the assessment process
• Unique challenges that office technology/MSP organizations face
• Strategies to limit the scope of CMMC requirements within your MSP
• What to expect from clients doing business within the DIB
• The implementation timing and the four-phase rollout plan

Who Should Attend: This webinar covers a combination of business level concerns, as well as the technical requirements of providing services to DIB clients. Owners and senior executive team members will learn about the potential loss of business due to an inability to comply, as well as estimated costs to meet the requirements. Service leaders and chief information security officers (CISO) will learn what is required regarding people, process and technology to be prepared to assist clients with their assessments.

CMMC affects a broad range of industries, not just manufacturing. Take this opportunity to understand the business that might be at risk and learn ways to protect it.

Testimonials From Fellow Dealers:

"Being a member of the OTX Roundtable for the past three years has been an invaluable asset as we navigate the complexities of CIS and CMMC compliance. The collaboration with like-minded MSPs keeps us focused and accountable, ensuring compliance remains a top priority. Mark Jennings' leadership and thorough research provide us with up-to-date insights and guidance, saving us countless hours and helping us stay ahead in the ever-evolving compliance landscape." — Jeff Loeb, president, Vitis Technologies, a Prosource company, Blue Ash, Ohio

"If you want to improve your team's knowledge of security and regulatory compliance, I highly recommend the OTX Partners peer group hosted by Mark Jennings. Mark takes an active interest in the success of his peer group members and readily seeks to help them achieve their goals. Mark's knowledge of security best practices and the ever-evolving compliance landscape is invaluable to anyone interested in moving their business forward in these areas. My team has significantly improved our security posture and is having much more meaningful client-facing conversations with our clients regarding security and compliance. When it comes to security and compliance, I can say without hesitation that Mark Jennings and his OTX Partners peer group are difference makers." — Justin Huffaker, vice president of strategic technology, Datamax, Little Rock, Arkansas