Defense Federal Acquisition Regulation Supplement: Assessing Contractor Implementation of Cybersecurity Requirements (DFARS Case 2019-D041) is here. Often referred to as CMMC this long-awaited and hotly debated Interim Rule harmonizes legacy (DFARS clause 252.204-7012) and future (CMMC) requirements with the following […]
DOD Released a New Interim Final DFARS Rule Covering CMMC and NIST 800-171 Read More »
The Department of Defense (DOD) has instituted an emergency action, possibly to confirm what is widely already known on cybersecurity compliance among the defense industrial base (DIB). Self-certification for defense contractors has enabled “barely there” cybersecurity unless you are one
Calling Industries Bluff: The DOD Emergency Action on NIST 800-171 Compliance Read More »
Background In 2019, the Department of Defense (DOD) officially announced the introduction of a Cybersecurity Maturity Model Certification (CMMC). This unique maturity model is designed to improve the cybersecurity regarding Controlled Unclassified Information (CUI) within supply chains, especially as it applies to the Defense Industrial
Is Your MSSP Your Weakest Link in CMMC Certification? Read More »
The U.S. has to up-level its cybersecurity. That’s the gist of what we’ve been hearing from multiple sources, including congressional commissions and the Department of Defense (DOD). The alarm bells — and the calls for more stringent security practices —
How Cybersecurity Forum 2020 is Advancing the U.S. Cybersecurity Conversation Read More »
Recently, the National Institute of Standards and Technology (NIST) re-released the Draft Special Publication (SP) 800-171B as Draft SP 800-172. This document is in final draft review with all comments due August 21, 2020. What is new in NIST 800-172?
NIST SP 800-172: Advanced Security Controls for an Advanced Persistent Threat Read More »
Current Compliance Landscape Deputy Defense Secretary Patrick Shanahan spoke at the Armed Forces Communications and Electronics Association (AFCEA) on Feb 6, 2018, and said, “The culture we need to get to [around IT security] is that we’re going to defend ourselves
What is the CMMC Shared Security Model and Why is it Needed? Read More »
The US Department of Defense (DOD) has one of the largest supply chains in the world, scaling to hundreds of thousands of different vendors and partners. While valuable, these vital partners in our nation’s defense infrastructure pose a huge cyber
5 Supply Chain Cyber Attacks that Illustrate Why CMMC Is Needed Read More »
Compliance with ever-evolving DOD cybersecurity mandates like DFARS 252.204-7012, NIST 800-171, and Cybersecurity Maturity Model Certification (CMMC) is complicated and confusing. It can be hard to understand the outcomes that you should focus on and how to measure success. Discover
Achieve DFARS Compliance with Managed Services Read More »
The theft of intellectual property and sensitive information across the Defense Industrial Base (DIB) and the supply chain of the Department of Defense (DOD) threatens economic security and national security. Malicious cyber actors have persistently targeted the DIB sector and
Cybersecurity Maturity Model Certification (CMMC) Update Read More »
We are in unprecedented times. As we all work to maintain as much normalcy in our personal and professional lives as possible, important projects such as those involving your organization’s cybersecurity might not be top of mind. You’ve worked hard
How Is Quarantine Changing Your Cybersecurity Planning? Read More »
