On 22 Dec (pre-release) or 26 Dec (official inclusion in the Federal Register) the DoD and OMB released the new Title 32CFR170 CMMC Rule....

For Defense Industrial Base (DIB) companies, it has been a long 3 years in cybersecurity. In 2020 the DoD published the interim-final...

News of the False Claims lawsuit against Pennsylvania State University reached the CMMC landscape in August of 2023, when the 2022 legal...

On August 4, the Office of Management Budget (OMB) released a series of documents detailing updates to the Cybersecurity Maturity Model...

On January 27th, 2017 the DoD published the “Networking and Penetration Reporting and Contracting for Cloud Services (DFARS Case...

Last month, the Office of Management and Budget’s (OMB’s) memorandum requiring the removal of TikTok from government devices impacted the...

In the wake of NIST 800-171 Revision 3, the near-future of information security has been discussed at length across the Defense...

On January 27th, 2017 the DoD published the “Networking and Penetration Reporting and Contracting for Cloud Services (DFARS Case...

The manufacturing and critical infrastructure sectors in the United States are under threat. In particular, Defense Industrial Base (DIB)...

Last week, the National Institute of Standards and Technology (NIST) published a draft revision of Special Publication (SP) 800-171. SP...

On January 27th, 2017 the DoD published the “Networking and Penetration Reporting and Contracting for Cloud Services (DFARS Case...

The most current version of Cybersecurity Maturity Model Certification includes 110 practices or security requirements, also called...

The yellow brick road to Cybersecurity Maturity Model Certification (CMMC) is paved with one thing. Acronyms. In order to take your...

On January 27th, 2017 the DoD published the “Networking and Penetration Reporting and Contracting for Cloud Services (DFARS Case...

On January 27th, 2017 the DoD published the “Networking and Penetration Reporting and Contracting for Cloud Services (DFARS Case...

If you’ve ever picked up a self-help book, you may have come across the phrase “love is a verb.” This adage is designed to draw attention...

What is a POA&M and when do I need one? According to NIST SP 800-37 Rev. 2, a Plan of Actions and Milestones (POAM or POA&M) is, “A...

Is the new CMMC rule going to be a draft rule or an interim final rule? While an interim final rule was originally scheduled for release...

As seen on GRC Viewpoint: https://lnkd.in/dHQjaGQz. Maintaining an environment which centralizes not only the protection, but the...

On September 29th, Microsoft announced Zero Day vulnerabilities which affect the 2013, 2016 and 2019 versions of Microsoft Exchange. Note...