What Are Access Controls — And Why Should You Care? In today’s digital world, protecting information is more important than ever. Whether you’re a small business, a government contractor, or just someone who uses a computer at work, keeping sensitive data safe is part of the job. One of the best ways to do that?…
Important Update: New Cyber Incident Reporting Process for DoD Contractors Effective June 6, 2025 To our valued Defense Industrial Base (DIB) partners, The Department of Defense (DoD) has recently announced a critical update to the cyber incident reporting process for contractors handling Controlled Unclassified Information (CUI) or operating under DFARS clauses 252.204-7012 and 252.239-7010. What’s…
If you are looking into the process of becoming CMMC compliant, you are probably wondering how many CMMC controls you need to comply with. Keep reading to discover the answer and learn more about CMMC. CMMC: The Basics The Cybersecurity Maturity Model Certification is a cybersecurity framework designed by the Department of Defense (DoD) to…
Creating a System Security Plan (SSP) is an essential step toward achieving CMMC compliance. That’s why in today’s post, we provide a detailed overview of SSPs, from a basic definition to what an SSP template looks like. System Security Plan (SSP): A Basic Definition A System Security Plan (or SSP) is a formal document that…
When aiming to achieve CMMC Level 2 compliance, it can be difficult to keep track of all the practices you must observe as a defense contractor. With that in mind, today we bring you a straightforward introduction to CMMC Level 2 compliance, plus a handy checklist you can use to understand where you stand and…
The Cybersecurity Maturity Model Certification (CMMC) practice AC.L2-3.1.3 requires defense contractors to control the flow of Controlled Unclassified Information (CUI). But what does this mean, exactly? Keep reading to learn more about what compliance with this CMMC practice entails. CMMC Practice AC.L2-3.1.3: the Basics According to the CMMC practice AC.L2-3.1.3, “Control CUI Flow,” companies within…
As you navigate your way through the Cybersecurity Maturity Model Certification (CMMC) compliance, you will come across the term “principle of least functionality.” But what does it mean, exactly? In today’s blog post, we give you all the resources you need to understand this key concept. About the Principle of Least Functionality Least functionality is…
DFARS and CMMC are two concepts you need to understand if you are part of the Defense Industrial Base in any capacity. But if you have difficulties making sense of the differences between them, don’t worry: in this post, you will find everything you need to know. CMMC: The Basics CMMC stands for Cybersecurity Maturity…
While Controlled Unclassified Information (CUI) tends to get all the attention, the Cybersecurity Maturity Model Certification (CMMC) also aims to protect Federal Contract Information (FCI). Read on to learn more about FCI and CUI, including their differences and how to safeguard them according to CMMC. What Is FCI? The term Federal Contract Information refers to…
Anyone who has ever used an online service such as email or social media is familiar with the term “multifactor authentication.” But is it required as part of the Cybersecurity Maturity Model Certification (CMMC)? In today’s post, we provide all the answers you need. What Is Multifactor Authentication? Multifactor authentication (or MFA for short) is…