Skip to content
CMMC Updates Announced by DoD great for Small Business Contractors
On 4 November, the DoD announced significant CMMC updates, by publishing a new model — “CMMC 2.0” — on a revamped website, and outlining a
November 5, 2021
On 4 November, the DoD announced significant CMMC updates, by publishing a new model — “CMMC 2.0” — on a revamped website, and outlining a
Employee CUI Handling Guide Small businesses in the DoD contractors, subcontractors, and vendors –members of the DoD Industrial Base (DIB)–have lots to do to secure
We were intrigued by a comment we recently received from Brian Ruthrauff on our password policy blog with regard to storing CUI system credentials in
UPDATE 27 November 2024: Note that the DoD self-Assessment Methodology (DoDAM) and SPRS scoring only works for NIST 800-171 revision 2. The DoD has announced
Background on the CMMC requirement to separate the duties of individuals Members of the DoD supply chain – the Defense Industrial Base (DIB) — that
Password Policy Requirements for CMMC Our clients often ask us what the password policy should be for their covered contractor information systems that must be
NIST SP 800-171 Control 3.13.1 / CMMC Practice SC.1.175 requires us to “Monitor, control, and protect organizational communications (i.e., information transmitted or received by organizational
We’ve noticed some confusion from our clients stemming from the various ways the DoD uses the term “Basic” in conjunction with its supply chain cybersecurity.
The Cybersecurity Maturity Model Certification (CMMC) was designed to improve the security posture of the Defense Industrial Base. In developing the framework, Pentagon officials drew