General Security
IR.2.092 Incident Preparation (CMMC Level 2)
Establish an operational incident-handling capability for organizational systems that includes preparation, detection, analysis, containment, recovery, and user response activities ...
SI.1.210 System Integrity/Patching (CMMC Level 1)
Identify, report, and correct information and information system flaws in a timely manner ...
CA.2.158 Ongoing Security Assessment (CMMC Level 2)
Periodically assess the security controls in organizational systems to determine if the controls are effective in their application ...
AC.1.004 Publicly Posted Information (CMMC Level 1)
Control information posted or processed on publicly accessible information systems ...
MP.1.118 Media Destruction – Sanitation (CMMC Level 1)
Sanitize or destroy information system media containing Federal Contract Information before disposal or release for reuse ...
AC.1.003 External/Remote Connections (CMMC Level 1)
Verify and control/limit connections to and use of external information systems ...
AC.1.002 User Access Restrictions (CMMC Level 1)
Limit information system access to the types of transactions and functions that authorized users are permitted to execute ...
AC.1.001 Basic Security Requirements (CMMC Level 1)
Limit information system access to authorized users, processes acting on behalf of authorized users, or devices (including other information systems) ...
CMMC Level 1 requirements?
The CMMC repeatedly states that CMMC Level 1 maturity is “performed”. Not documented, not managed, and definitely not optimized. ...
Reactive vs. proactive security: Three benefits of a proactive cybersecurity strategy
Introduction I’ve been writing cybersecurity articles for many years, and in that time, I have only seen increasingly complex security threats. Cybercriminals take their craft seriously. They treat cybercrime as a business, ...