Streamline your POAM with Standardized Templates The Totem cybersecurity blog recently introduced Plans of Action and Milestones (POAMs), which
What the Heck is a “Key Internal Boundary”?
NIST SP 800-171 Control 3.13.1 / CMMC Practice SC.1.175 requires us to "Monitor, control, and protect organizational communications (i.e., information
What Does the Term “Basic” Mean in Relation to DoD Contractor Cybersecurity
We've noticed some confusion from our clients stemming from the various ways the DoD uses the term "Basic" in conjunction with its supply chain
POAMs in a Nutshell
When a Quick Fix Just Isn't Possible Security standards like NIST 800-171 and the Cybersecurity Maturity Model Certification (CMMC) provide common
DoD CUI Identification Guide for DFARS 7012 / CMMC L3 Compliance
The Challenge of DoD CUI Identification Members of the US Department of Defense (DoD) Industrial Base (DIB)--the prime- and sub-contractors,
The CMMC vs other Cybersecurity Frameworks
The Cybersecurity Maturity Model Certification (CMMC) was designed to improve the security posture of the Defense Industrial Base. In developing the
The Cyber Risk of USBs
USBs (as well as CDs, DVDs, etc.) are designed to provide removable storage for a computer. This storage includes both data files (Word
CMMC Preparation Methodology executed by Totem Technologies
Totem Technologies' Small Business CMMC Preparation Methodology This post describes Totem Technologies’ (Totem.Tech) three-phased approach and
“What the heck?” Series Part 1: Processes Acting on Behalf of Authorized Users
What the heck are processes acting on behalf of authorized users? Excellent question, especially since NIST SP 800-171 and CMMC discussion,