The Cybersecurity Maturity Model Certification (CMMC) program establishes assessment mechanisms to verify defense contractors’ compliance with Department of Defense security requirements for the protection of sensitive information. Those security requirements are already in effect, but self-assessment has been permitted until now and so compliance has been weak.   Under CMMC, ... Read More

PreVeil is the first Cloud Service Provider (CSP) to meet the Department of Defense’s (DoD) stringent FedRAMP Moderate Equivalency requirement for CMMC and DFARS 7012 compliance. This significant accomplishment further reinforces PreVeil’s position as the leading solution for defense contractors seeking a proven path to CMMC and DFARS compliance. FedRAMP ... Read More

When defense contractors look for a reliable source to store and share their controlled unclassified information (CUI), they will frequently turn to a cloud service provider (CSP). Cloud is a superior choice for contractors over storing on premise as cloud enables unlimited storage, access to data from anywhere, data resiliency, ... Read More

For defense contractors, a Supplier Performance Risk System (SPRS) score is much more than a number—it’s a crucial indicator of your ability to secure and maintain Department of Defense (DoD) contracts. Every contractor handling Controlled Unclassified Information (CUI) must adhere to the stringent security controls of NIST SP 800-171, and ... Read More

Securing Your Google Email with End-to-End Encryption In 2023, more than 300,000 organizations adopted Gmail as their go-to email management tool. However, even though it has seen widespread use, Google relies on encryption standards to safeguard Gmail data that are relatively basic such as TLS (Transport Layer Security). This poses ... Read More

Small and Medium Healthcare providers struggle with the cost and complexity of ensuring security and privacy of Protected Health Information (PHI) data subject to HIPAA.  Traditional healthcare systems are complex and expensive, designed primarily for large organizations. Small healthcare providers frequently face a conundrum: deploy expensive systems or forgo compliance ... Read More

Defense spending in the United States is projected to reach $886 billion by 2025, making it a high growth industry for manufacturers interested in expanding their clientele. To expand into defense, organizations must meet stringent regulations, including International Traffic in Arms Regulations (ITAR). Failure to do so can result in ... Read More

Proposed Rule published in Federal Register.60-day comment period begins The Department of Defense’s CMMC program has taken a huge leap forward with the publication of the CMMC Proposed Rule on December 26th in the Federal Register. This kicks off a 60-day comment period and we expect CMMC to be in ... Read More

The CMMC rule (CFR 32) is now live, and one of the most common concerns defense contractors have is the cost of achieving compliance. CMMC will step up enforcement of the 110 NIST 800-171 controls, making compliance a prerequisite for continued work with the Department of Defense (DoD). In order ... Read More

Over 2,300 registrants participated in our 2023 CMMC Summit. Leading experts, including Matt Travis (Cyber AB, CEO), Paul Escobedo (CISO, Raytheon), and Dr. Ron Ross (Author, NIST), answered audience questions about all aspects of CMMC compliance.     This blog summarizes the Summit’s most popular questions, including details about the ... Read More