When aiming to achieve CMMC Level 2 compliance, it can be difficult to keep track of all the practices you must observe as a defense contractor. With that in mind, today we bring you a straightforward introduction to CMMC Level 2 compliance, plus a handy checklist you can use to understand where you stand and…
Details
If you produce defense-related articles, Canada is the natural choice when you look to expand internationally. But do you need to comply with ITAR in order to export to Canada? In today’s blog, we give you all the information you need to know. What Is ITAR? The International Traffic in Arms Regulations (ITAR), is a…
Details
The Cybersecurity Maturity Model Certification (CMMC) practice AC.L2-3.1.3 requires defense contractors to control the flow of Controlled Unclassified Information (CUI). But what does this mean, exactly? Keep reading to learn more about what compliance with this CMMC practice entails. CMMC Practice AC.L2-3.1.3: the Basics According to the CMMC practice AC.L2-3.1.3, “Control CUI Flow,” companies within…
Details
As you navigate your way through the Cybersecurity Maturity Model Certification (CMMC) compliance, you will come across the term “principle of least functionality.” But what does it mean, exactly? In today’s blog post, we give you all the resources you need to understand this key concept. About the Principle of Least Functionality Least functionality is…
Details
If you are still confused about the Cybersecurity Maturity Model Certification, a good place to start is by understanding its importance. Keep reading to learn what CMMC is, why you need it, and why it is important. What Is CMMC? The Cybersecurity Maturity Model Certification is a cybersecurity framework created by the Department of Defense…
Details
DFARS and CMMC are two concepts you need to understand if you are part of the Defense Industrial Base in any capacity. But if you have difficulties making sense of the differences between them, don’t worry: in this post, you will find everything you need to know. CMMC: The Basics CMMC stands for Cybersecurity Maturity…
Details
At this point, you probably know that defense contractors will be required to achieve CMMC compliance. But what about subcontractors? In today’s post, we explore this important topic, including what CMMC and other rules say specifically about subcontractors. CMMC and Defense Contractors CMMC is short for Cybersecurity Maturity Model Certification, a cybersecurity framework designed by…
Details
While Controlled Unclassified Information (CUI) tends to get all the attention, the Cybersecurity Maturity Model Certification (CMMC) also aims to protect Federal Contract Information (FCI). Read on to learn more about FCI and CUI, including their differences and how to safeguard them according to CMMC. What Is FCI? The term Federal Contract Information refers to…
Details
ITAR and EAR are two sets of regulations with similar purposes. However, there are also some important differences between them. Keep reading to learn more about ITAR and EAR, including a detailed review of their scope and application. What Is ITAR? The International Traffic in Arms Regulations (or ITAR) is a set of controls administered…
Details
The Cybersecurity Maturity Model Certification can be a stressful topic for defense contractors. That’s why many of them wonder whether they can self-certify CMMC. In today’s post, we offer a clear, detailed overview of CMMC and self-certification. Keep reading to learn more. Certifications Under CMMC Let’s begin by answering the question raised in the title…
Details