top of page
SPA, ESP, CSP - What's the Difference, and Why it Matters
In practice, SPA/CSP/ESP split important hairs and are often confused. Each label has crucially specific connotations for CMMC assessments.
Vincent Scott
Apr 75 min read
Thoughts on CMMC Assessment Readiness
“Most companies think they’re ready. They are not. CMMC is brutal , and the sooner businesses accept that, the better chance they have of...
Vincent Scott
Mar 172 min read
How to Simplify the PIEE Recipe
According to the DoD, uploading a NIST self-assessment score is supposed to be as easy as an easy-bake pie. If you are a prime already...
Chloe Bernard
Jan 32 min read
CMMC and Contract Negotiation
CMMC is an enterprise challenge — not just an IT challenge...this blog focuses on efforts required to negotiate contract specificity and...
Milt Songy
Dec 19, 20245 min read
CMMC: Compliance Mt. Everest
I would assert that CMMC is by far the most challenging cybersecurity assessment methodology ever; the federal compliance Mt. Everest.
Vincent Scott
Dec 12, 20243 min read
When do I get the points?
Many companies today are working to update their SPRS score. The standard model for this is to conduct an assessment, assign a score,...
Vincent Scott
Nov 18, 20243 min read
bottom of page