Background In 2019, the Department of Defense (DOD) officially announced the introduction of a Cybersecurity Maturity Model Certification (CMMC). This unique maturity model is designed to improve the cybersecurity regarding Controlled Unclassified Information (CUI) within supply chains, especially as it applies to the Defense Industrial […]
Evaluating Your MSSP: Is It a Barrier to Achieving CMMC Certification? Read More »
Current Compliance Landscape Deputy Defense Secretary Patrick Shanahan spoke at the Armed Forces Communications and Electronics Association (AFCEA) on Feb 6, 2018, and said, “The culture we need to get to [around IT security] is that we’re going to defend ourselves
What is the CMMC Shared Security Model and Why is it Needed? Read More »
CyberSheath has attended multiple listening sessions and events with DOD leadership revealing more information regarding the DOD Cybersecurity Maturity Model Certification (CMMC). I want to expand on our previous blog with the additional details and actionable plans on what DOD contractors need to do to prepare for the changes.
What We Understand about CMMC so Far
CMMC stands for “Cybersecurity Maturity Model Certification” and will encompass multiple maturity levels that range from “Basic Cybersecurity Hygiene” to “Advanced”. The intent is to identify the required CMMC level in Request for Proposals (RFP) sections L and M to be used as a “go / no go decision.” This means that instead of the ability to bid and win a contract and then comply post-award with cybersecurity requirements, DOD contractors will have to be certified to the CMMC level required in advance, pre-bid, to even be eligible to bid.
When shopping for a Managed Security Services Provider (MSSP), there are plenty of checklists that you can download to help funnel you right to that vendor’s particular product. This isn’t that blog post, although at some point I am sure we have published one too. While checklists are helpful in narrowing down the capabilities and tools that you want to add to your probably already too big portfolio of tools, the focus should really be on the services that you will be adding to your existing team.
Managed Security Services That Matter Read More »
Every day, hackers and thieves are becoming more sophisticated, daring, and aggressive in their attempts to turn stolen data into substantial paydays. And with criminal entities regularly on the prowl for cyber weaknesses to exploit, it’s no wonder that the
What does the Ohio Data Protection Act Mean for Your Business? Read More »
Cybersecurity at small and mid-sized businesses are often under-resourced with an “Army of One” approach to compliance and risk management. Compliance with regulatory requirements like DFARs 252.204-7012, HIPAA, PCI DSS, NERC CIP, Sarbanes Oxley (SOX) and more compete with actual
CyberSheath Managed Services for Small & Mid-Size Business Read More »
Thanks to the increasingly sophisticated and aggressive cybersecurity threats facing the U.S., there has been much focus recently on reinforcing the nation’s cybersecurity. Much of this effort has revolved around strengthening the Department of Defense (DOD) supply chain. The Defense
Understanding DFARS 252.204-7012 and NIST SP 800-171 Read More »
Good hygiene habits are drilled into us from a young age, and for good reason! Neglect to wash your hands, take a shower, use deodorant, or brush your teeth, and you could find yourself friendless, dateless, and quite possibly sick.
The 12-Step Program for Impeccable Cyber Hygiene Read More »
The December 31, 2017 deadline for achieving compliance with NIST 800-171 has come and gone. If you’re still not compliant, you’re at risk for penalties, and chances of winning future contracts and bids are at great risk. The good news is it’s not too late!
Are You Fully Compliant with DOD’s New Cybersecurity Standards? Read More »
Operational security enables compliance and CyberSheath tailors our MSSP services to enable immediate, tangible operational security improvements that facilitate regulatory compliance.
Managed Security Services: Cheaper, Faster, More Secure with AlienVault Read More »
