In our first two CMMC Practice session we reviewed the Level 1 Practices within the Access Control (AC) Domain and the Level 2 Practices with a focus on network and device access. Next up we will continue our more in-depth […]
In our first two CMMC Practice session we reviewed the Level 1 Practices within the Access Control (AC) Domain and the Level 2 Practices with a focus on network and device access. Next up we will continue our more in-depth […]
In our first CMMC Practice session we reviewed the Level 1 Practices within the Access Control (AC) Domain. Switching our CMMC practice focus from Federal Contract Information (FCI) to Controlled Unclassified Information (CUI), in this session we take a more […]
Questions and answers about the CMMC Rule and Guides update.
Now it’s time to get serious. We’ve covered contract requirements, properly scoped your environment, and reviewed how to document your environment in a System Security Plan (SSP). Now we need to talk about the CMMC Practices and how to implement them. […]
Now that you understand your contract requirements and have properly scoped your environment, you are ready to document your environment in a System Security Plan (SSP). But just how much information do you need to include? How much SHOULD you include? […]
Now that you have understand your contract requirements, how do you properly scope your environment to meet the FARS/DFARS clauses? Some companies choose to start with their entire enterprise, while others attempt to limit the scope to certain servers and […]
The first step in preparing for your companies Cybersecurity Maturity Model Certification is understanding your contract, the requirements for protection of CUI, and pinpointing exactly what information you’ll be storing, processing, or transmitting which is CUI. Mike Synder will go […]
To paraphrase Frank Zappa, CMMC isn’t dead, it just smells funny. The release of CMMC 2.0 from the Department of Defense last month brings many changes to the CMMC framework. There are some positives, some negatives (in my opinion), and […]
The Cybersecurity Maturity Model Certification (CMMC) aims to protect America’s Defense Industrial Base (DIB),and is a long-awaited approach that follows on years of attempts to unify cybersecurity practices for Department of Defense contractors. Weapons, aircraft carriers, and planes might be […]