Consider this scenario; you are a Chief Information Security Officer (CISO) for a major university hospital system, with over 10 years of experience working with[...]
In early November, the DoD released an announcement for version 2 of the CMMC compliance standard. Developed with feedback from defense agencies and contractors, CMMC 2.0 seeks to streamline the[...]
Note: This blog post is an adaptation of a presentation given by SecureStrux Governance, Risk and Compliance Practice Lead Tony Buenger at the California Polytechnic Institute on October 20, 2021.
Contractors working with the Department of Defense are quickly responding to the Cybersecurity Maturity model Certification (CMMC) roll out. This security framework is a way for the DoD to determine,[...]
CMMC is a complex topic that's facing security firms and government contractors around the company. While we are well into the implementation and deployment stages of the CMMC framework, many[...]
User access is one of the most basic, and yet most necessary, security controls available. With the complex ways in which we combine on-prem and cloud services for customers, it’s obvious how[...]
In this Article
- NIST Special Publication 800-172 (formerly known as 171B) “Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations: Enhanced Security Requirements for[...]
In this Article
- Learn about the most common findings we find identity in CMMC Gap Analyses.
- Learn how your organization can avoid these gaps on your path to CMMC.
#1. You Don’t Have Enough[...]
In this Article:
- Learn about action items leading up to CMMC preparation.
- Learn what to do when your organization is ready to begin CMMC preparation.
- Learn what goes into a CMMC Gap Analysis, and[...]
