Document Written on Saturday October 13, 2024, by Humberto Correa, CEO and Founder, RPO, RP, MSP, MSSP of Brea Networks, LLC. This document provides an overview of the major highlights and changes in the 32 CFR release from October 11, 2024, which is projected to take effect on December 16, 2024. We have outlined and…
Who needs CMMC certification?… By 2026, most defense contractors conducting work for the DoD – other than those managing Commercial Off The Shelf (COTS) – will need to achieve CMMC certification. The level of certification you need will depend on the requirements spelled out in your contract. 3 MAIN OBJECTIVES: Companies that have a FAR…
CMMC: What Is the Principle of Least Privilege? The principle of least privilege is one of the cornerstones of most cybersecurity frameworks, and the Cybersecurity Maturity Model Certification (CMMC) is no exception. Keep reading to learn everything about the principle of least privilege: What it is, how to implement it, and what it means for…
The release of the CMMC ruling has been release this morning December 22, 2023. Anticipation for this development has been building since 2020. It is important to note that while this is not the definitive final rule, it is a proposed final rule. The finalized version that can be incorporated into DoD contracts is…
Many organizations looking to comply with the Cybersecurity Maturity Model Certification (CMMC) already observe other standards such as SOC 2. With that in mind, today we take a closer look at the similarities and differences between these two standards, including who needs to adhere to them and how to become certified. What Is CMMC? The…
“Domain” is a term you come across often when researching the Cybersecurity Maturity Model Certification (CMMC). But what are CMMC domains, exactly? In today’s post, we tell you everything you need to know about this crucial component of the CMMC ecosystem. A Definition of CMMC Domains Cybersecurity Maturity Model Certification (CMMC) domains are groups or…
As you set your Cybersecurity Maturity Model Certification goals, it is important to have a solid grasp of the different compliance tiers available. For example, what is the difference between CMMC Level 1 and CMMC Level 2? In today’s blog post, we take a closer look. About CMMC The acronym CMMC stands for Cybersecurity Maturity…
Regardless of the Cybersecurity Maturity Model Certification (CMMC) level you need to achieve, there are some practices you need to observe. One of these practices is AC.L1-3.1.1, Authorized Access Control. Keep reading to learn more. What Is AC.L1-3.1.1? Let’s start by making sense of the different components of the CMMC practice number: AC indicates that…
Anyone looking to comply with the Cybersecurity Maturity Model Certification (CMMC) needs to be aware of POA&Ms. Keep reading to learn what a POA&M is, why they matter, and how to use them within your compliance strategy. A Basic Definition of POA&M The term POA&M stands for Plan of Actions and Milestones. As the name…
If you are looking into the process of becoming CMMC compliant, you are probably wondering how many CMMC controls you need to comply with. Keep reading to discover the answer and learn more about CMMC. CMMC: The Basics The Cybersecurity Maturity Model Certification is a cybersecurity framework designed by the Department of Defense (DoD) to…