The CMMC 2.0 Checklist: Your Company’s Roadmap to Compliance

Table of Contents What is CMMC? When is compliance required? Who needs to be certified? What is needed for compliance? Level 1: Foundational Level 2: Advanced Level 3: Expert CMMC Compliance Checklist Phase 1: Scoping Phase 2: Planning Phase 3: Pre-Assessment Phase 4: Remediation Phase 5: Certified CMMC Assessment Phase 6: Maintain Compliance Speak with […]

2023 Definitive Guide to NIST 800-171 Compliance

nist 800-171 compliance consultant

Unauthorized access and disclosure of government information has become all too common in these times of frequent cyber-attacks. As a result, the government has extended mandatory safeguards – found in NIST SP 800-171 – to non-federal organizations that process, store or transmit Controlled Unclassified Information (CUI) or Covered Defense Information (CDI) in non-federal information systems. These non-federal organizations […]

What is DFARS 252.204-7012? (What DoD Contractors Should Know)

DFARS 252.204.7012 stylized image with lock

Defense Federal Acquisition Regulation Supplement (DFARS) 252.204-7012 has been the buzz of the defense contracting world over the last few years. While it became a final rule in 2016, companies are now feeling pressure to comply with it. You may have received communications from prime contractors or seen announcements from the Government mandating self-attestation of […]

Vulnerability in the Age of Remote Work

With COVID-19 continuing to run its course across the United States, it is likely that remote work is here to stay.  According to an Upwork workforce report, it is projected that over 36 million Americans will still be working remotely by 2025. This rapid increase in remote work has resulted in additional cyber threats for […]

Cyber Resiliency: Preparing for and Mitigating the Inevitable

nist 800-171 compliance consultant

While risk management has been in use within information security doctrine for decades, cyber resiliency is a new paradigm has begun to gain ground. It is no longer enough to solely focus on securing networks, as even the most robust controls may be circumvented by sophisticated adversaries. Organizations must now consider the inevitability that their […]

What is Federal Contract Information (FCI)?

Image with text reading federal contract information

With attention on DFARS 252.204-701, the Cybersecurity Maturity Model Certification, and NIST SP 800-171, you may already be familiar with safeguarding requirements for Controlled Unclassified Information (CUI). However, are you aware of the requirements for safeguarding Federal Contract Information (FCI)? You may be wondering – What is FCI? How is FCI different from CUI? Does […]

What is the Cybersecurity Maturity Model Certification (CMMC)?

DFARS 252.204.7012 stylized image with lock

UPDATE: 05/14/2023: Since it’s initial release, the CMMC has been updated to the 2.0 version. Check out our ultimate 2.0 guide and compliance checklist. With recent breaches of government data, such as Solargate, cybersecurity and safeguarding sensitive information has become more important than ever. Department of Defense’s (DoD) Cybersecurity Maturity Model Certification (CMMC) is the […]

CUI: Your Guide to Controlled Unclassified Information

What is cui? With dome of U.s. capitol

What is Controlled Unclassified Information (CUI)? You may have been brought here because you are seeking to achieve NIST 800-171 or CMMC compliance. Perhaps this is the first time you have heard the terms Controlled Unclassified Information or “CUI”. You may be wondering: What is CUI? Do I have any? If I do, what am […]

How To Choose A CMMC Consultant

images describing cmmc and consultant efforts

With the Department of Defense (DoD) Cybersecurity Maturity Model Certification (CMMC) moving full steam ahead, many small and medium businesses are struggling to become compliant. You may be asking yourself: how do I become compliant? Where should I even begin? Do I have the in-house expertise to become compliant? Do my in-house experts have the […]

Social Engineering: Elicitation and How to Counter It

Silhouette of person dangling by strings

Most are likely familiar with some forms of social engineering, including phishing scams. But how familiar are you with elicitation and do you know how to detect and defend against it? Read on to learn more about elicitation, who is vulnerable, and behavior to watch out for. What is Elicitation? Elicitation resembles a typical or […]