Microsoft’s CMMC Program – Step 5: Security Management

With this article, we now approach the last phase of preparing for your CMMC Certification, which is planning the ongoing maintenance of your security program. How It Is Done This realm falls under the category of what is known as Security Management.  Obviously, you are going to have many controls in place in which you are going ...

Read More

Microsoft’s CMMC Program – Step 4: CMMC Implementation

Our last article examined the Gap Assessment that is necessary in order to achieve full CMMC compliance.  In this one, we look at yet another different process, and that is how to implement everything with the Microsoft security stack. What Is All About As it was described previously, the purpose of the Gap Analysis is to discover, ...

Read More

Microsoft’s CMMC Program – Step 3: CMMC Gap Assessment

Our last article examined the steps that your organization needs to take in order to complete the scoring process.  This is an important step, as you will now have obtained a quantitative value that shows where your controls lie in terms of strengths and weaknesses. The next step is to get ready for the CMMC ...

Read More

Microsoft’s CMMC Program – Step 2: CMMC Scope Assessment

In our last article, we examined some of the various ways in which your organization and subcontractors can conduct an assessment in order to gauge what the status of your existing controls are, and in what areas they need to be improved upon.  This is all part of the effort to become compliant with the ...

Read More

Microsoft’s CMMC Program – Step 1: NIST 800-171 Assessment

For the last year or so, the CMMC 2.0 (Cybersecurity Maturity Model Certification) has been a big deal amongst the Defense Industrial Base, also known as the DIB.  This is essentially the group of defense contractors and their counterparts that are currently doing work for the Department of Defense or are in the process of ...

Read More

Is Your Microsoft-Based MSP Ready for The CMMC?

While you may be dependent upon your Managed Service Provider (MSP) to fulfill your M365 and Azure needs, at some point in time, they should also be CMMC certified. The primary reason for this is that since you are basically hosting all of your data with them, you will also need to make sure that ...

Read More

The CMMC – Common FAQs

The CMMC requirements have just started to roll out. As this time, there are a lot more questions being asked rather than Contractors and Subcontractors being CMMC certified. At the present time, the bulk of the Defense Industrial Base is most concerned about meeting the Maturity Level 1 compliance, and the process to achieve that ...

Read More

The CMMC Placemat

As we enter 2021, the Cyber Threat Landscape will for sure be an evolving one, especially when it comes to Data Privacy. Although the GDPR and the CCPA have not been fully enforced yet, it is expected that it will be this year. Another area which is now getting serious attention is that of the ...

Read More

Who Needs To Be CMMC Certified?

To some degree or another, those involved in cybersecurity activities associated with work for the United States federal government have heard of the term "CMMC". But what exactly is it?  It is an acronym for "Cybersecurity Maturity Model Certification". To provide a brief historical background into this, between 2016 and 2020, the overall economy lost well ...

Read More