For the past several years, contractors with the Department of Defense (DOD) have had to meet a custodial requirement in contracts as it relates to security. Soon, this will likely be required outside the defense industrial base (DIB) and apply […]
How to Secure Controlled Unclassified Information Efficiently Read More »
It’s no secret that the supply chain is under attack. We’ve seen the ramifications in headlines all year, most notably the Kaseya attack that compromised 60 customers and 1,500 downstream businesses. You can’t afford to be vulnerable as a defense
How CMMC Can Help Protect You From the Supply Chain Crisis Read More »
Determining whether you’re positioned to contract with the government can be intimidating. Requirements include registration with various databases, meeting standards, and of course, compliance with CMMC. Fortunately, help is available free of charge through Procurement Technical Assistance Centers (PTACs).
PTAC Expert Panel to Answer Your Contracting Questions at CMMC Con 2021 Read More »
Cybersecurity has become a priority in Washington with efforts beyond the executive order President Biden laid out in May. This month, the Cybersecurity and Infrastructure Security Agency (CISA) and Office of Management and Budget (OMB) offered technical guidance documents and
Tenable CEO Amit Yoran on Zero Trust and Government Cybersecurity Read More »
As your organization works toward achieving CMMC compliance, creating your System Security Plan (SSP) and Plan of Action and Milestones (POA&M), are critical steps in the process. The documents both provide a foundation for your remediation efforts as you work
How to Build and Maintain an Effective SSP & POA&M Read More »
The cyber universe has become the next battlefield–a place where threat actors, malicious entities, cyber criminals, activists, and nation states are challenging U.S. hegemony globally. We’ve seen instances where millions, or even billions, of dollars of research and decades’ worth
Most Common Failing CMMC Controls and How to Address Them Read More »
I’m a DOD contractor; what do I need to do for CMMC? To start or continue working with the DOD, all contractors must achieve and maintain the appropriate level of cybersecurity compliance. But what do you need to do, and
DFARS 7012, NIST 800-171, and CMMC Compliance Explained Read More »
The US government, through the lead agency, the Department of Defense (DOD) is implementing a new Cybersecurity Maturity Model Certification (CMMC) requirement for all private-sector businesses that work with the DOD, and now we understand that the standard will be
CMMC vs ISO 27001: Why It’s Time to Make the Switch Read More »
The Department of Defense (DOD) suppliers were notified at the end of September about the new DFARS Interim Rule designed to collect NIST 800-171 assessment scores from all DOD contractors through submittal to the Supplier Performance Risk System (SPRS). As mentioned in a
Mastering SPRS: Supplier Performance Risk System & Your Score Read More »
SolarWinds, with more than 300,000 global clients, including many federal agencies in the United States and mostly Fortune 500 companies, unknowingly released a software update that included malware providing hackers unobstructed remote access to victim networks. The magnitude of this
Could NIST 800-171 or CMMC have Influenced the Response to SolarWinds? Read More »
