Protecting CUI and the DoD Supply Chain

Protecting CUI and the DoD Supply Chain

|
Interview with CMMC-AB Standards Chair Regan Edens – Part 2 Part 1 of our interview with Regan Edens, looked into steps to simplifying and enabling DFARS compliance.   Part 2 will look into how contractors are managing their encryption mandate. Additionally, it will look at steps they can take to ... Read More
Helping Contractors Achieve DFARS Compliance

Helping Contractors Achieve DFARS Compliance

|
Interview with CMMC-AB Standards Chair Regan Edens – Part 1 At its core, CMMC is focused on enabling a digital transformation of the Defense Industrial Base (DIB). The model is designed to fundamentally change how defense companies think about cybersecurity as well as how they manage their own security. With ... Read More
DFARS: How to Expedite Compliance

DFARS: How to Expedite Compliance

|
The Department of Defense’s long-anticipated DFARS Interim Rule went into effect in December 2020. The Interim Rule mandates that defense contractors not only perform a self-assessment based on NIST 800-171, but also report that score to the DoD. The Interim Rule also implicitly makes the new CMMC framework—to be implemented ... Read More

The DFARS Interim Rule: What you need to know

|
In September 2020, DoD released its long-anticipated DFARS Interim Rule, which goes into effect November 30, 2020. The Interim Rule’s main objectives are to solidify that CMMC will be the new framework for DoD contracts and to instruct contractors that they must perform and report a self-assessment score based on ... Read More
Defense Contractors and CMMC Compliance: 14 Important Questions and Answers

Defense Contractors and CMMC Compliance: 14 Important Questions and Answers

|
PreVeil had a great webinar last week with our strategic partner Simple Helix. The webinar CMMC Compliance Doesn’t Have to be Scary, focused on helping Primes and subs understand how to develop a pragmatic approach to compliance. With so much anxiety currently around the topic of compliance, the webinar was ... Read More
Higher Education and CMMC: 7 Top-of-Mind Questions

Higher Education and CMMC: 7 Top-of-Mind Questions

|
In September 2020, PreVeil hosted its CMMC Virtual Summit featuring a keynote session with Katie Arrington, CISO at the Department of Defense (DoD) Office of Acquisition & Sustainment, and Karlton Johnson, CMMC-AB (CMMC Accreditation Body) board chair. One of the Summit’s breakout sessions focused on CMMC compliance for higher education ... Read More
What will CMMC compliance cost my business?

What will CMMC compliance cost my business?

|
An Interview with John Very of Pivot Point   As the rollout to CMMC comes closer, defense contractors are worried about how much compliance will cost their company. For some that have been keeping up with NIST 800-171 and DFARS 252.204.7012 requirements, compliance will be a manageable cost. For others, ... Read More
Do MSSPs and MSPs need to become CMMC Compliant?

Do MSSPs and MSPs need to become CMMC Compliant?

|
The CMMC- AB has made it clear that Managed Service Providers (MSPs) and Managed Service Security Providers (MSSPs) are required to CMMC certify if they handle their defense customers’ CUI. However, what does this mean for service providers going forward? Should all MSPs/MSSPs get certified at Level 3 or above? ... Read More
Why GCC High is the Wrong Choice for Small to Medium Sized Businesses

Why GCC High is the Wrong Choice for Small to Medium Sized Businesses

|
Large contractors in the defense industrial base (DIB) likely have security systems in place that are CMMC-compliant. Small to medium sized businesses, with more limited financial, human, and time resources, will find the transition a lot more challenging. Many are looking for the simplest solution and, for businesses currently using ... Read More
Why Commercial O365 is not DFARS compliant

Why Commercial O365 is not DFARS compliant

|
On any given week, our sales team speaks to numerous contractors in the defense industrial base (DIB). Many of them believe they are DFARS compliant based on Microsoft’s previous statements recommending O365 Commercial for this purpose. Unfortunately, this guidance is no longer valid. In 2019, Microsoft took the position that ... Read More