Regardless of the Cybersecurity Maturity Model Certification (CMMC) level you need to achieve, there are some practices you need to observe. One of these practices is AC.L1-3.1.1, Authorized Access Control. Keep reading to learn more. What Is AC.L1-3.1.1? Let’s start by making sense of the different components of the CMMC practice number: AC indicates that…
Details
Anyone looking to comply with the Cybersecurity Maturity Model Certification (CMMC) needs to be aware of POA&Ms. Keep reading to learn what a POA&M is, why they matter, and how to use them within your compliance strategy. A Basic Definition of POA&M The term POA&M stands for Plan of Actions and Milestones. As the name…
Details
If you are looking into the process of becoming CMMC compliant, you are probably wondering how many CMMC controls you need to comply with. Keep reading to discover the answer and learn more about CMMC. CMMC: The Basics The Cybersecurity Maturity Model Certification is a cybersecurity framework designed by the Department of Defense (DoD) to…
Details
Creating a System Security Plan (SSP) is an essential step toward achieving CMMC compliance. That’s why in today’s post, we provide a detailed overview of SSPs, from a basic definition to what an SSP template looks like. System Security Plan (SSP): A Basic Definition A System Security Plan (or SSP) is a formal document that…
Details
When aiming to achieve CMMC Level 2 compliance, it can be difficult to keep track of all the practices you must observe as a defense contractor. With that in mind, today we bring you a straightforward introduction to CMMC Level 2 compliance, plus a handy checklist you can use to understand where you stand and…
Details
If you produce defense-related articles, Canada is the natural choice when you look to expand internationally. But do you need to comply with ITAR in order to export to Canada? In today’s blog, we give you all the information you need to know. What Is ITAR? The International Traffic in Arms Regulations (ITAR), is a…
Details
The Cybersecurity Maturity Model Certification (CMMC) practice AC.L2-3.1.3 requires defense contractors to control the flow of Controlled Unclassified Information (CUI). But what does this mean, exactly? Keep reading to learn more about what compliance with this CMMC practice entails. CMMC Practice AC.L2-3.1.3: the Basics According to the CMMC practice AC.L2-3.1.3, “Control CUI Flow,” companies within…
Details
As you navigate your way through the Cybersecurity Maturity Model Certification (CMMC) compliance, you will come across the term “principle of least functionality.” But what does it mean, exactly? In today’s blog post, we give you all the resources you need to understand this key concept. About the Principle of Least Functionality Least functionality is…
Details
If you are still confused about the Cybersecurity Maturity Model Certification, a good place to start is by understanding its importance. Keep reading to learn what CMMC is, why you need it, and why it is important. What Is CMMC? The Cybersecurity Maturity Model Certification is a cybersecurity framework created by the Department of Defense…
Details
DFARS and CMMC are two concepts you need to understand if you are part of the Defense Industrial Base in any capacity. But if you have difficulties making sense of the differences between them, don’t worry: in this post, you will find everything you need to know. CMMC: The Basics CMMC stands for Cybersecurity Maturity…
Details