Password Policy Requirements for CMMC Our clients often ask us what the password policy should be for their covered contractor information systems
The NIST Cybersecurity Framework
Securing Critical Infrastructure In 2011, hackers infiltrated US water treatment systems, resulting in physical infrastructure damage and thousands of
POAM Template Walkthrough
Streamline your POAM with Standardized Templates The Totem cybersecurity blog recently introduced Plans of Action and Milestones (POAMs), which
What the Heck is a “Key Internal Boundary”?
NIST SP 800-171 Control 3.13.1 / CMMC Practice SC.1.175 requires us to "Monitor, control, and protect organizational communications (i.e., information
What Does the Term “Basic” Mean in Relation to DoD Contractor Cybersecurity
We've noticed some confusion from our clients stemming from the various ways the DoD uses the term "Basic" in conjunction with its supply chain
POAMs in a Nutshell
When a Quick Fix Just Isn't Possible Security standards like NIST 800-171 and the Cybersecurity Maturity Model Certification (CMMC) provide common
DoD CUI Identification Guide for DFARS 7012 / CMMC L3 Compliance
The Challenge of DoD CUI Identification Members of the US Department of Defense (DoD) Industrial Base (DIB)--the prime- and sub-contractors,
The CMMC vs other Cybersecurity Frameworks
The Cybersecurity Maturity Model Certification (CMMC) was designed to improve the security posture of the Defense Industrial Base. In developing the
The Cyber Risk of USBs
USBs (as well as CDs, DVDs, etc.) are designed to provide removable storage for a computer. This storage includes both data files (Word