The Department of Defense (DoD) is implementing a 3rd Party Supply Chain Risk Management program that will require companies that receive their sensitive information to implement NIST SP 800-171 and then undergo a 3rd Party Cybersecurity Maturity Model Certification (CMMC) event. With the rest of the Federal Government, other nations, and some states beginning to roll out NIST SP 800-171 compliance requirements, this SRCM effort will impact companies across the globe. Mr. Matthew Titcombe from Peak InfoSec is a thought leader in CMMC; leads a CMMC 3rd Party Assessment Organization (C3PAO); one of the first CMMC Certified Assessors; and, develops CMMC training curriculum used globally.