Documentation templates which can help create a robust cybersecurity strategy. Useful for CMMC, NIST SP 800-171, and more.
Imagine the following scenario: As part of Project Road Runner, a new initiative, the United States Army, a portion of the Department of Defense (“DoD”) wants to purchase three dozen anvils. The anvils must meet specific size, strength, and weight requirements. DoD has already performed a search and is not able to find a COTS (more…)
The DoD CIO’s office held a town hall on 2022-FEB-10. They discussed a variety of topics including CMMC 2.0. Several take-aways came out of the session that are critical for DoD contractors, especially those handling CUI.
NIST SP 800-171 can be overwhelming for contractors. In this article, we present a prioritized approach to implementing the 110 controls of 800-171.
The US Department of Defense published the Level 1 Self-Assessment Guide for CMMC 2.0 on 13-DEC-2021.
The US Department of Defense updated their main website (OUSD A&S – Cybersecurity Maturity Model Certification (CMMC) (osd.mil)) to include an updated CMMC Model consistent with the information released on Nov. 4 about CMMC 2.0. They also released scoping guidance for CMMC 2.0 Levels 1 and 2, and a hashing approach for preserving evidence. Among (more…)
Successful implementations are not measured by scores. The most valuable elements to a successful implementation do not have a weighted value.
With CMMC 2.0, DoD removed process maturity as an assessed requirement. Some commentators are suggesting that NIST 800-171’s “NFO” controls inherently require policies. We explore the requirement in this article.
Former CMMC-AB board of directors James Goepel, Mark Berman, and Ben Tchoubineh authored a letter to the President which analyzes why CMMC 2.0 is inconsistent with the President’s recent Executive Order and is harmful to our national security.
DoD submitted but quickly withdrew an “advanced notice of proposed rulemaking” entitled “Cybersecurity Maturity Model Certification 2.0 Updates and Way Forward”.