
Matthew Berg Dissertation Proposal Defense, Saturday, July 11, 2026 @ 1:00 pm Central Time
July 11 @ 1:00 pm - 2:00 pm
COMMITTEE CHAIR: Dr. Elvis Ndembe
TITLE: BENCHMARKING SUCCESSFUL CMMC IMPLEMENTATION IN A SMALL SPACECRAFT MANUFACTURER THROUGH THE TECHNOLOGY-ORGANIZATION-ENVIRONMENT FRAMEWORK
ABSTRACT: The Cybersecurity Maturity Model Certification (CMMC) has become a consequential buyer-imposed requirement within the U.S. Department of Defense industrial base, yet limited empirical knowledge explains how small advanced-manufacturing suppliers successfully attain compliance. This mixed-method dissertation examines how supplier collaboration drivers, grouped control strategies, and organizational conditions combine to produce successful CMMC requirement attainment among small spacecraft-related manufacturers. Grounded in the Technology-Organization-Environment (TOE) framework, the study bridges four under integrated literature streams: buyer-supplier collaboration, supplier integration, standards and compliance adoption, and cybersecurity implementation. The study employs a sequential mixed-method design with a case-comparison orientation. First, a structured literature mapping of the past 15 years of supplier and vendor collaboration research identifies recurring antecedents, including trust, commitment, information integration, process alignment, and governance associated with successful interorganizational requirement attainment. Second, a survey organized around grouped CMMC control categories captures the reported strategies used by firms to meet each group, with respondents segmented by firm size, supply-chain role, and related characteristics. Third, the TOE framework interprets reported strategies as primarily technological, organizational, or environmental in character, and those patterns are compared to the implementation approach of a focal small spacecraft supplier (the benchmark) that successfully achieved CMMC certification. The study is expected to produce four contributions: a thematic map of 15 years of collaboration antecedents, an empirically grounded CMMC control grouping, survey evidence on firm-level compliance strategies, and a linked interpretive model connecting collaboration theory to grouped control strategy and focal-case evidence. Findings offer theoretical contributions to the compliance and supply-chain literature and practical guidance for managers and policymakers in resource-constrained defense organizations.
Keywords: Cybersecurity Maturity Model Certification (CMMC), Technology-Organization-Environment (TOE) framework, buyer-supplier collaboration, defense industrial base, spacecraft manufacturing, supply-chain cybersecurity, compliance strategy, small business
Room Location: Northwest Center, Room 205
