For the past several years, contractors with the Department of Defense (DOD) have had to meet a custodial requirement in contracts as it relates to security. Soon, this will likely be required outside the defense industrial base (DIB) and apply …
Controlled Unclassified Information: 3 Ways to Secure It and Which is Best Read More »
It’s no secret that the supply chain is under attack. We’ve seen the ramifications in headlines all year, most notably the Kaseya attack that compromised 60 customers and 1,500 downstream businesses. You can’t afford to be vulnerable as a defense …
How CMMC Can Help Protect You From the Supply Chain Crisis Read More »
Determining whether you’re positioned to contract with the government can be intimidating. Requirements include registration with various databases, meeting standards, and of course, compliance with CMMC. Fortunately, help is available free of charge through Procurement Technical Assistance Centers (PTACs). …
PTAC Expert Panel to Answer Your Contracting Questions at CMMC Con 2021 Read More »
Cybersecurity has become a priority in Washington with efforts beyond the executive order President Biden laid out in May. This month, the Cybersecurity and Infrastructure Security Agency (CISA) and Office of Management and Budget (OMB) offered technical guidance documents and …
Tenable CEO Amit Yoran to Address Government Impact on Cybersecurity in CMMC Con Keynote Read More »
As your organization works toward achieving CMMC compliance, creating your System Security Plan (SSP) and Plan of Action and Milestones (POA&M), are critical steps in the process. The documents both provide a foundation for your remediation efforts as you work …
The cyber universe has become the next battlefield–a place where threat actors, malicious entities, cyber criminals, activists, and nation states are challenging U.S. hegemony globally. We’ve seen instances where millions, or even billions, of dollars of research and decades’ worth …
Most Common Failing CMMC Controls and How to Address Them Read More »
I’m a DOD contractor; what do I need to do for CMMC? To start or continue working with the DOD, all contractors must achieve and maintain the appropriate level of cybersecurity compliance. But what do you need to do, and …
The US government, through the lead agency, the Department of Defense (DOD) is implementing a new Cybersecurity Maturity Model Certification (CMMC) requirement for all private-sector businesses that work with the DOD, and now we understand that the standard will be …
Time to Stop ISO 27001 Efforts and Migrate to CMMC Read More »
The Department of Defense (DOD) suppliers were notified at the end of September about the new DFARS Interim Rule designed to collect NIST 800-171 assessment scores from all DOD contractors through submittal to the Supplier Performance Risk System (SPRS). As mentioned in a …
SolarWinds, with more than 300,000 global clients, including many federal agencies in the United States and mostly Fortune 500 companies, unknowingly released a software update that included malware providing hackers unobstructed remote access to victim networks. The magnitude of this …
Could NIST 800-171 or CMMC have Influenced the Response to SolarWinds? Read More »
