Why GCC High is the Wrong Choice for Small to Medium Sized Businesses

Why GCC High is the Wrong Choice for Small to Medium Sized Businesses

|
Large contractors in the defense industrial base (DIB) likely have security systems in place that are CMMC-compliant. Small to medium sized businesses, with more limited financial, human, and time resources, will find the transition a lot more challenging. Many are looking for the simplest solution and, for businesses currently using ... Read More
Why Commercial O365 is not DFARS compliant

Why Commercial O365 is not DFARS compliant

|
On any given week, our sales team speaks to numerous contractors in the defense industrial base (DIB). Many of them believe they are DFARS compliant based on Microsoft’s previous statements recommending O365 Commercial for this purpose. Unfortunately, this guidance is no longer valid. In 2019, Microsoft took the position that ... Read More
Accelerate CMMC Compliance with NIST and DFARS

Accelerate CMMC Compliance with NIST and DFARS

|
The CMMC’s goal is to strengthen the cybersecurity of defense contractors, especially for the numerous small and medium-sized organizations. Many companies however are wondering how they can get started on the path towards compliance. We recently spoke with Jonathan Hard of H2L Solutions on this very topic. Jonathan’s company focuses ... Read More

CMMC compliance only for employees handling CUI

|
In spite of Covid-19’s shutdown of America’s workforce, CMMC is still on the fast track to rolling out. Soon, compliance will be a prerequisite for every prime and subcontractor. With the initial wave of CMMC audits starting by Fall of 2020, companies storing or transmitting CUI need to get ready ... Read More
Westech International hacked by MAZE Ransomware

Westech International hacked by MAZE Ransomware

|
Last week Sky News reported that hackers had stolen data from nuclear missile contractor Westech International’s computer network. Using MAZE ransomware, hackers encrypted Westech’s machines and pressured the company to pay up or see their materials published online. At present, it is clear that the hackers were able to access ... Read More
Narrated Email Demo

CMMC Compliance in Office 365

|
The Department of Defense’s new Cybersecurity Maturity Model Certification (CMMC) framework is rolling out now, starting with approximately 1,500 primes and subcontractors in the Defense Industrial Base (DIB). From there, the process will pick up speed until all 300,000 organizations in the DIB will need to achieve their required CMMC ... Read More
Narrated Email Demo

CMMC Compliance with Gmail

|
The Department of Defense’s new Cybersecurity Maturity Model Certification (CMMC) framework is rolling out now, starting with approximately 1,500 primes and subcontractors in the Defense Industrial Base (DIB). From there, the process will pick up speed until all 300,000 organizations in the DIB will need to achieve their required CMMC ... Read More
Why The Next Major Hack is Just Around the Bend

Why The Next Major Hack is Just Around the Bend

|
The Cybersecurity and Infrastructure Security Agency (CISA) and the FBI recently released a list of the ten security vulnerabilities most commonly exploited by foreign actors over the past few years. The list includes vulnerabilities dating back to 2016 as well as three new vulnerabilities that target remote workers. This is ... Read More
Understanding the role of DFARS in CMMC

Understanding the role of DFARS in CMMC

|
In 2017, the DoD issued the Defense Federal Acquisition Regulation Supplement (DFARS) memorandum for contractors, requiring them to follow the NIST 800-171 cybersecurity framework. The goal was to protect CUI from cybersecurity attacks. However, confusion on the standards led to slow adoption. As a result, the DoD released the CMMC ... Read More
The CMMC Training Ecosystem part of the CMMC-AB National Conversation Series

The CMMC AB’s Plan to Train the Assessors

|
No let up to the DoD’s aggressive timeline Ben Tchoubineh, the leader of the CMMC AB’s Training Committee, led yesterday’s national conversation on the timeline for training and certifying C3PAOs. Tchoubineh’s much awaited comments provided a clear plan for rolling out C3PAO training. Training will start with the Provisional Program, ... Read More