2022 CMMC Community Contributor Award Winners

Announcing the 2022 CMMC Community Contributor Awardees! These individuals made exceptional contributions to the efforts to protect the US government’s supply chain, and the broader cybersecurity community. We appreciate their efforts and are pleased to recognize the positive contributions they have made!

NIST SP 800-171/CMMC 2.0 Self-Assessment Tool Updated to Include Automated FAR and Above and SPRS Scoring, and More

We are excited to announce the release of the new version of our CMMC 2.0/NIST SP 800-171 Self-Assessment Tool. This version includes automated FAR and Above and SPRS scoring and much more!

The $0 CMMC Level 2 Compliance Fallacy

Government representatives have stated that complying with CMMC 2.0 Level 2 shouldn’t cost contractors or the government anything, because contractors have been attesting to the government that they are doing these things for years. This article explores why this is correct only for a small minority (17 out of 110) of the controls in CMMC 2.0 Level 2.

Embedding Cybersecurity into your Organization’s DNA

Cybersecurity is an ever-growing and changing field, and there are differences of opinion about how best to protect an organization. Some argue that technology is the only way to protect the organization. Others say organizations must focus on compliance, rather than technology. Both are wrong…and right. The best way to achieve a strong, effective cybersecurity program is to ensure you have the technologies in place to protect your critical assets and the policies, procedures, plans, and governance in place to ensure the technologies are used correctly.