Your Guide to Engaging with a C3PAO
CMMC is here and C3PAO assessments began on January 2, 2025. So what should you expect from an assessment, and how can you set your company up for success?
CMMC Is Here: Your Essential Guide to Identifying and Protecting Federal Contract Information (FCI)
As the CMMC program takes effect, understanding what qualifies as Federal Contract Information (FCI) is critical. This guide breaks down FCI definitions, offers practical tips for identifying and handling FCI across your organization, and walks you through applying CMMC Level 1 controls—ensuring you stay compliant, secure, and ready for the new era of defense contracting.
Getting Ahead of CMMC with Joint Surveillance Voluntary Assessments
A JSVA could be the answer your company has been looking for to get ahead of CMMC. Katie, a CCA on our team, helps outline everything you need to know about getting CMMC Level 2 certified - giving your company the advantage before CMMC even starts!
RED ALERT: CMMC Begins December 16th
The long-awaited CMMC rule has finally been officially published and is accompanied by some beneficial changes from the original draft. We break them down for you so you and your organization can begin to prepare for the imminent enforcement.
A Farewell to the JAB
The Federal Risk and Authorization Management Program (FedRAMP) has been a cornerstone for ensuring the security of cloud services used by federal agencies. Recently, significant changes to the program - specifically the sunset of the JAB - have sparked discussions across the cloud computing landscape.
It’s Time For Your Wakeup Call: CMMC is Almost Here!
CMMC has been on the horizon for years, lurking in the distance and often thought of as a “tomorrow” problem. With the publication of the proposed rule to amend DFARS 252.204-7021, let this be a wake-up call: CMMC is coming - and it’s coming quickly.
NIST Releases New CUI Security Requirements
The long-awaited NIST 800-171 Revision 3 has been released. What’s new, and what are the implications for CMMC?
SOC 2 Made Simple
Are you tired of filling out lengthy vendor questionnaires and looking to pursue a SOC 2 examination report instead? Discover some basic practices to secure your customers’ data and pave the way for SOC 2 certification.
On Your DMARC, Get Set, Go!
Google and Yahoo are requiring DMARC beginning in February 2024. So what does that mean for your organization, and how do you implement it?
The Race to CMMC Compliance: Understanding the DoD’s New Implementation Plan
The DoD just released a proposed rule for implementation of all CMMC requirements by October 1, 2026. The plan will be implemented in four phases.
Approachable CMMC: Accelerate with our SSP Template
Are you part of the Defense Industrial Base (DIB), or do you have Department of Defense (DoD) contracts? Then your deadline for implementing the Cybersecurity Maturity Model Certification (CMMC) 2.0 requirements is fast approaching.
Newly Exploited Vulnerabilities in Apple Devices
In mid-April, the Cybersecurity and Infrastructure Security Agency (CISA) ordered federal agencies to patch two vulnerabilities actively being exploited on iOS, iPadOS, and macOS devices. The vulnerabilities were also added to CISA’s Known Exploited Vulnerabilities catalog as of April 10th.
September Snafus: Hackers Take Advantage of Unwitting Employees
Several large companies were hacked in the first half of September. The common theme? All of the attacks were carried out with relatively simple phishing and social engineering techniques.
The Revival of Raccoon Stealer
The prevalent Raccoon Stealer malware has returned from the dead and is now better than ever - and ready to start stealing your data.
Conti Ransomware Continues to Cause Concern
Conti ransomware was the biggest ransomware strain in 2021, bringing in more than $180 million in ransom payments. Despite announcing they were shutting down operations as of May 2022, Conti isn’t going away any time soon.