Logically Speaking February 2022: CMMC is Back!
February 17, 2022
Growth Opportunities

CMMC Is Back in Full Swing

​​​​​by Jon O'Keefe, Technology Education Jedi


“Reports of CMMC’s demise have been greatly exaggerated.” -Mark Twain, probably.

Woman IT Pro Smiling And just like that, the Cybersecurity Maturity Model Certification (CMMC) is back in full swing. As many of you may remember, in November of 2021, the Department of Defense (DoD) put a pause on CMMC 1.0 and announced a new version, CMMC 2.0, with an uncertain timeline. That timeline for CMMC 2.0 has accelerated with some great news for anyone interested in training on this critically important topic.

First, the complexity of the source material has been lessened. With CMMC 2.0, there are fewer levels and fewer controls to consider, and while the topics covered in the class are still critical, the systems are arguably easier to understand. This means the course will now have a broader audience within the Defense Industrial Base (DIB) of 350,000 organizations. Whereas before, the CMMC CCP class was aimed at individuals who wanted to go on to be assessors, now CCP speaks to a wider audience including:

  • Employees of Organizations Seeking CMMC Certification (OSCs) 
    • Information Technology (IT) and cybersecurity professionals
    • Regulatory Compliance Officers
    • Legal and Contract Compliance professionals
    • Management professionals
  • Federal employees
  • Candidate CMMC Assessment team members

That is a huge list of potential training candidates that will need CMMC 2.0 training. Also, the CMMC-AB has lowered the suggested requirements for training candidates from CISSP and similar certifications to those who hold base-level IT certifications. 

All of this is great news for you! With the scope of training now reaching a wider base of individuals, you will have more opportunities to sell CMMC 2.0 training than you would have under CMMC 1.0. The time is NOW to invest in offering the Cybersecurity Maturity Model Certification to your clients before someone else does.

Keys to Selling

OSCs Are Easily Found

​​​​​by Jim Gabalski, VP, Sales and Marketing


Two Employees Working on ComputerAn OSC is an Organization Seeking Certification. If you follow any news on CMMC, you will hear this acronym often. An organization seeks CMMC certification to protect or earn a purchasing contract with the Department of Defense (DoD), and I suspect in the not too distant future, to win or maintain a purchasing contract with any federal government entity. Without a certificate of compliance, an organization will lose eligibility as a DoD supplier. So, they need training and a lot of it.

While the DoD does not publish a complete list with names and addresses, it’s not too hard to find organizations with contracts.

Here is a simple three-step process:

  1. Visit https://www.defense.gov/News/Contracts/.
  2. Find the search box which is very visible on the right-hand side of the page.
  3. Type the name of the company that you are working with in the search box and hit Enter.

What you will see is a series of results for any contracts that have been awarded with that company’s name in it. If results appear, you can stop right there as you know that your target company has been awarded a contract and is going to need to become CMMC-certified. If you dig a little deeper into the types of awards, you can gain some insight into the type of CUI (Controlled Unclassified Information) they are likely handling and how sensitive it might be. You’ve found an OSC! Try it with Raytheon and you will see how it works—many awards will appear.

If no results appear, try different names associated with your target company. The government uses legal names so make sure you are not using a DBA (Doing Business As) name. If all else fails, just ask. Most companies either have an agreement or are seeking an agreement with the federal government, but they may not have been awarded a contract yet—these will be most eager to become trained in CMMC. Keep in mind that CMMC compliance only applies to organizations that do business or seek doing business with the Department of Defense. For now, at least. So, ask about the DoD first and then extend the conversation to other paths for doing business with the federal government including GSA and FSS. We’ll cover those if/when CMMC becomes applicable, but all government contractors/suppliers need to enhance cybersecurity, so don’t shy away from the conversation.

Once you have found an OSC, the CMMC conversation will take off! And so will your training opportunities.


CertNexus CFR-410: Prepare IT Professionals with Skill that CMMC 2.0 Requires

​​​​​by Jim Gabalski, VP, Sales and Marketing


CMMC 2.0 is designed to align with NIST 800.171. The National Institute of Standards and Technology is focused on creating critical measurement solutions and promoting equitable standards, with an emphasis on use of technology. Special Publication 800-171 provides requirements for protecting the confidentiality of Controlled Unclassified Information (CUI) which is what CMMC is all about.


Megan Smith Branch Portrait

CertNexus COO
and Product Officer
Megan Smith Branch
CFR-410 in this video


Cybersecurity is the responsibility of every technical professional within an organization that is required to be CMMC compliant. CertNexus' CyberSec First Responder® - 410 validates personnel skill across all five (5) areas of the NIST Cybersecurity Framework:  Identify, Protect, Detect, Respond, and Recover. CFR-410 aligns with the compliance requirements of SP 800-171 including Incident Response, Audit and Accountability, and Risk Assessment. This certification is a must-have for any IT Professional tasked with supporting a CMMC compliance program.

CFR is the most holistic, vendor-neutral, intermediate-level certification program approved by the Department of Defense and accredited by the American National Standards Institute (ANSI) and the International Organization for Standardization (ISO). A student achieving this certification will have the training and skills to identify breaches quicker, protect against future incidents, defend against potential threats, respond when incidents occur, and recover data that is breached.  

Learn more about CFR-410 by downloading an outline and providing your customers with more information using the CertNexus CFR-410 sell sheet.


Download the CertNexus CFR-410 Marketing Kit

​​​​​by Jim Gabalski, VP, Sales and Marketing


CFR-410 is here! CertNexus has developed several valuable assets to help you start selling CFR-410. 

​​​​​​In the CertNexus CFR-410 marketing kit, you'll find: 

  • Social media images to pique your followers' interest.
  • An email template to share with your student network.
  • A sales sheet to share with students during prerequisite courses—with space to add your contact information.
  • A video that can be shared on your own site and social media.
  • A PowerPoint deck with information you can share with clients.

Download the CertNexus CFR-410 marketing kit

Curriculum Corner

CMMC 2.0: We'll Be Ready. Here's What You Need to Know. 

by Nancy Curtis, VP, Content


Data analyst working on computerAs one of the few Licensed Partner Publishers with CMMC-AB Approved Training Material (CATM), Logical Operations was excited to learn from the CMMC Accreditation Body (AB) that the Department of Defense (DoD) approved the CMMC Model 2.0 version of the Certified CMMC Professional (CCP) exam blueprint. We went right to work with our distinguished team of SMEs to make required additions and revisions to our popular CCP curriculum to align it with Model 2.0 and the new blueprint!  

There are a couple of gates to pass through before we can release updated CCP CATM:  

  • The DoD must approve the CMMC-AB’s Model 2.0 version of the CMMC Assessment Process (CAP) document. The CAP is the reference source for a significant portion of the required course coverage.   
  • With the updated CAP in hand, we hope to submit updated content for the required accreditation review early in Q2.   
  • We don’t yet know the process or timeline for courseware re-accreditation. Our goal is to get updated pre-release materials in your hands for your preparation when we submit for review - or even before.   

So look for Model 2.0 CCP curriculum coming soon! And stay tuned for more: the CMMC-AB has also recently released the Certified CMMC Assessor (CCA) blueprint, so it won’t be long before we’ll get cracking on CCA courseware as well.


CCP Is Foundational Cybersecurity

by Tamara Hagen, Instructional Designer 


Male IT Professional Working on ComputerBecause CMMC Model 2.0 is essentially a subset of the Model 1.0 standard, Logical Operations’ updated Certified CMMC Professional (CCP) curriculum will be even easier to deliver and will appeal to an even broader audience than before.  

We see the new CCP as a foundational course in the field of IT and cybersecurity because it is centered around NIST SP 800-171, which provides a strong baseline for protecting sensitive information, whether it is your company’s proprietary information or the government’s.  

The CMMC-AB suggests that the CCP course is right for:  

  • Prospective assessors and assessment team members 
  • Cybersecurity and technical consultants 
  • Planning and implementation staff within Organizations Seeking CMMC Certification (OSCs):
    • IT and cybersecurity professionals
    • Regulatory, legal, and contract compliance officers
    • Operational managers
    • Organizational leaders
  • Federal employees

In other words – almost anyone who plays a role in the Defense Industrial Base (DIB) can benefit from the CCP 2.0 course.   

You’ll likely see these changes in the CCP course once we align it with Model 2.0:  

  • Updated content about the redesigned levels in the CMMC Model. 
  • New content about the modified program requirements and timelines. 
  • New content about self-assessments and third-party assessments. 
  • New content about preparing an OSC for assessment by fostering a culture of cybersecurity. 
  • Expanded content about the Level 1 practices that will include coverage of the assessment objectives needed to confidently self-attest compliance. 
  • New content on the updated CMMC documentation - assessment guides, scoping guidance, and the artifact hashing tool user guide. 
  • New content about plans of actions and milestones (POA&Ms). 
  • Updated content about the phases in the CMMC Assessment Process (CAP). 

What won’t change are all the great qualities that have already made the LO curriculum so popular throughout the CMMC training community:   

  • The focus on presentation materials, student engagement, and instructor support.  
  • Rich instructor slide decks with detailed delivery suggestions. 
  • A student courseware manual featuring:
    •  Searchable replicas of all the presentation slides.
    • Scripted interactive activities.
    • A complete Glossary and Index.
    • An exam-mapping document to help students coordinate their exam preparation.  

The updates to the CCP course will make it a foundational cybersecurity resource for both OSC teams looking to implement CMMC requirements and for future assessment team members and assessors. It will provide the knowledge and tools to help validate CMMC compliance, whether it is in preparation for a self-assessment report to the DoD or for an assessment by a C3PAO. 


Don't Stop Believin' in CMMC 1.0

by Nancy Curtis, VP, Content


Don't stop believin' in CMMC 1.0Keep up your momentum with existing CMMC training!  We’ve been thrilled with the popularity of Logical Operations’ current Certified CMMC Professional (CCP) during this interim period.  We know it’s because you and your students recognize its value and relevance.  

Because CMMC Model 1.0 is a superset of CMMC Model 2.0, the Certified CMMC Professional (CCP) courseware offers great benefits to the huge numbers of planners, implementers, and consultants who will be prepping organizations for CMMC.  

And it’s also great for prospective certified CMMC professionals and future assessors.  Taking this version of the course will give them even more information, context, and background to help them do their jobs. And taking the course now is risk-free for your learners, because the CMMC-AB will be providing complimentary online bridge training between now and the release of the Model 2.0-aligned exams.

So keep filling those classrooms, and don’t stop believing in the power and potential of CMMC!    




Latest Product Highlights


 Content Revisions

Logical Operations revises student and instructor materials based on technical changes, customer feedback, and our own assessment of necessary changes. The revision notes for the most recent updates are below as well as posted on the Content Revisions page. Use this page as a resource to quickly access and view all revision details for any of our recent course updates. 

Reminder: When viewing a product on the store, check the Revision Information tab to see the summary description of the most recent revision for that product at any time.


Screenshot of revision field on Logical Operations store

Instructor Spotlight
Tech Talk Tuesdays

Register for the CMMC Tech Talk on March 8

Join Jedi Jon's next Tech Talk about CMMC to learn more about the training opportunities that CMMC presents and what you can do now to start taking advantage of those opportunities.

CMMC LPP Licensed Badge
He'll cover:
  • A brief background on CMMC 2.0
  • Target organizations and job titles
  • Common questions to start with
  • Overcoming objections
Register for the CMMC Tech Talk now.


Invite Your Clients to the DX Tech Talk on February 22

Jedi Jon New Tech Talk Video

Not sure how to start the conversation about digital transformation with your clients? Looking for additional content to share with them? Let us help! We're holding an exclusive digital transformation Tech Talk for students on Tuesday, February 22. 

Invite your clients to this 30-minute Tech Talk with Jedi Jon so they can learn about digital transformation and how proper training in specific digital topics can make the difference between a successful organization and one that lives on only in a Google search. 

Register your clients for the Tech Talk now and download this sample email template that you can edit as you see fit, and then send to your clients. 

Instructor Spotlight



Teaching Prep




Inside LO