CMMC: What Is the Principle of Least Privilege? The principle of least privilege is one of the cornerstones of most cybersecurity frameworks, and the Cybersecurity Maturity Model Certification (CMMC) is no exception. Keep reading to learn everything about the principle of least privilege: What it is, how to implement it, and what it means for…
Details
The release of the CMMC ruling has been release this morning December 22, 2023. Anticipation for this development has been building since 2020. It is important to note that while this is not the definitive final rule, it is a proposed final rule. The finalized version that can be incorporated into DoD contracts is…
Details
Knowing some instances of what constitutes an infraction to the International Traffic in Arms Regulations goes a long way towards understanding this important regulatory regime. With that in mind, today we review some examples of ITAR violations. Some are obvious, while others demonstrate how easily companies can incur potential ITAR violations if they don’t have…
Details
Many organizations looking to comply with the Cybersecurity Maturity Model Certification (CMMC) already observe other standards such as SOC 2. With that in mind, today we take a closer look at the similarities and differences between these two standards, including who needs to adhere to them and how to become certified. What Is CMMC? The…
Details
“Domain” is a term you come across often when researching the Cybersecurity Maturity Model Certification (CMMC). But what are CMMC domains, exactly? In today’s post, we tell you everything you need to know about this crucial component of the CMMC ecosystem. A Definition of CMMC Domains Cybersecurity Maturity Model Certification (CMMC) domains are groups or…
Details
As you set your Cybersecurity Maturity Model Certification goals, it is important to have a solid grasp of the different compliance tiers available. For example, what is the difference between CMMC Level 1 and CMMC Level 2? In today’s blog post, we take a closer look. About CMMC The acronym CMMC stands for Cybersecurity Maturity…
Details
Regardless of the Cybersecurity Maturity Model Certification (CMMC) level you need to achieve, there are some practices you need to observe. One of these practices is AC.L1-3.1.1, Authorized Access Control. Keep reading to learn more. What Is AC.L1-3.1.1? Let’s start by making sense of the different components of the CMMC practice number: AC indicates that…
Details
Anyone looking to comply with the Cybersecurity Maturity Model Certification (CMMC) needs to be aware of POA&Ms. Keep reading to learn what a POA&M is, why they matter, and how to use them within your compliance strategy. A Basic Definition of POA&M The term POA&M stands for Plan of Actions and Milestones. As the name…
Details
If you are looking into the process of becoming CMMC compliant, you are probably wondering how many CMMC controls you need to comply with. Keep reading to discover the answer and learn more about CMMC. CMMC: The Basics The Cybersecurity Maturity Model Certification is a cybersecurity framework designed by the Department of Defense (DoD) to…
Details
Creating a System Security Plan (SSP) is an essential step toward achieving CMMC compliance. That’s why in today’s post, we provide a detailed overview of SSPs, from a basic definition to what an SSP template looks like. System Security Plan (SSP): A Basic Definition A System Security Plan (or SSP) is a formal document that…
Details