We’ve made the assertion in our Totem Top 10 that, after you have gathered a complete inventory of all your IT system assets and identified the
What the CMMC Scoping Guide means for small businesses
The DoD Industrial Base (DIB) has long awaited guidance on what IT system components are in scope for cybersecurity protections under the National
Notes from CMMC-AB’s November 2021 Town Hall
The Cybersecurity Maturity Model Certification (CMMC) program began with the ambitious goal of introducing compliance and oversight to roughly 300,000
An overview of CMMC 2.0
On November 4th, 2021, the Department of Defense (DoD) announced major changes to the Cybersecurity Maturity Model Certification (CMMC). This
CMMC Updates Announced by DoD great for Small Business Contractors
On 4 November, the DoD announced significant CMMC updates, by publishing a new model -- "CMMC 2.0" -- on a revamped website, and outlining a new
Simple CUI Handling Guide for Employees (with free download)
Employee CUI Handling Guide Small businesses in the DoD contractors, subcontractors, and vendors –members of the DoD Industrial Base (DIB)--have
Can you store CUI system credentials in password managers?
We were intrigued by a comment we recently received from Brian Ruthrauff on our password policy blog with regard to storing CUI system credentials in
Cybersecurity Risk Assessment Methodologies for the Small Business
Cybersecurity Risk Assessment Within the Defense Industrial Base Risk management is a part of business. Although the level of risk companies face
Why is separation of duties required by NIST 800-171 and CMMC?
Background on the CMMC requirement to separate the duties of individuals Members of the DoD supply chain – the Defense Industrial Base (DIB) -- that