What kind of training does a L2 CMMC require?
Cybersecurity Maturity Model Certification (CMMC) includes a list of controls that dictate training requirements for relevant employees:...
top of page
Vincent Scott
Sep 263 min read
Do I Need to Have a SIEM for CMMC?
The DoD is rolling out their new cybersecurity audit plan around NIST SP 800-171: Cybersecurity Maturity Model Certification, or CMMC....
Shelby Scott
Aug 286 min read
The Power of Definition
This ‘power’ allows organizations to define crucial variables for themselves as they document their information security architecture.
Vincent Scott
Aug 74 min read
10 Cybersecurity Tips for Small Business
Tip 1. You're not too small to be a target. I once had a person in a major corporation say to me, “We are a soap and diaper company. Who...
Vincent Scott
Jul 2210 min read
The Challenge of CMMC Documentation
Ah, documentation. The most beloved part of every cybersecurity and IT professional's day. If only they could have more paperwork, then...
Vincent Scott
Jul 102 min read
Mini Blog: CTI in a Nutshell
Controlled Technical Information (CTI) is really at the heart of what DoD wants/needs to have protected as a part of many ongoing DoD...
Nick Martin
Jun 106 min read
Understanding Microsoft Windows Copilot+ Recall
Microsoft's introduction of the Copilot+ Recall feature has sparked significant concern within the cybersecurity and compliance...
Shelby Scott
May 244 min read
COOEY Kittens!
The CMMC ecosystem has experienced a major increase in activity in 2024.This ramp-up has seen us lean on a number of new analogies when...
Jacob Scott
Apr 182 min read
What is Periodic?
How often should our company review our compliance with the NIST SP 800-171 security requirements?
Jacob Scott
Apr 43 min read
DFARS FAQ and Contractor Noncompliance
On January 27th, 2017 the DoD published the “Networking and Penetration Reporting and Contracting for Cloud Services (DFARS Case...
Shelby Scott
Feb 268 min read
CMMC Myths
The origin story of Cybersecurity Maturity Model Certification (CMMC) goes back more than 20 years. Having roots in 32 CFR 2002, the...
Vincent Scott
Feb 57 min read
How to conduct a DoD Cyber Self-Assessment?
What the heck is this spurrrs thing people keep talking about? And why did my prime just ask us if we have one? The Supplier Performance...
Vincent Scott
Jan 104 min read
88 MPH: CMMC 2.11 Draft Rule and the DIB's Need for Speed
On 22 Dec (pre-release) or 26 Dec (official inclusion in the Federal Register) the DoD and OMB released the new Title 32CFR170 CMMC Rule....
Vincent Scott
Dec 4, 20232 min read
Be Better, Not Perfect
For Defense Industrial Base (DIB) companies, it has been a long 3 years in cybersecurity. In 2020 the DoD published the interim-final...
Shelby Scott
Sep 28, 20238 min read
Nittany Lions and Tiger Teams - Possible Lessons from Penn State’s Brush with the False Claims Act
News of the False Claims lawsuit against Pennsylvania State University reached the CMMC landscape in August of 2023, when the 2022 legal...
Shelby Scott
Aug 11, 20233 min read
2.1
On August 4, the Office of Management Budget (OMB) released a series of documents detailing updates to the Cybersecurity Maturity Model...
Shelby Scott
Jul 26, 20233 min read
Alternative Control Guidance
On January 27th, 2017 the DoD published the “Networking and Penetration Reporting and Contracting for Cloud Services (DFARS Case...
Nick Martin
Jul 7, 20236 min read
TikTok Ban in Effect: FAR 52.204-27 Interim Rule
Last month, the Office of Management and Budget’s (OMB’s) memorandum requiring the removal of TikTok from government devices impacted the...
Shelby Scott
Jul 5, 20234 min read
Here Comes the Airplane: A Glance at the Near-Future of Cyber Rulemaking
In the wake of NIST 800-171 Revision 3, the near-future of information security has been discussed at length across the Defense...
Shelby Scott
Jun 28, 20233 min read
The First 72
On January 27th, 2017 the DoD published the “Networking and Penetration Reporting and Contracting for Cloud Services (DFARS Case...
bottom of page