CMMC 2.0 has two rules: requirements (32 CFR) and DoD program management implementation (Title 48 CFR). It became law on December 16, 2024, with KAMIND among the first certified as a Level 2 company. This blog discusses 48 CFR and its timeline. What It Is About 48 CFR, officially "Title 48 of the Code of Federal Regulations ...
Introduction When companies work towards their CMMC certifications, they can speed up the process through something called "Inheritance". This means they can use security measures that have already been approved by another organization. By partnering with a certified service provider, they can get certified faster and reduce the risk of failing the certification. What Is Inheritance? Inheritance allows ...
As you might know, the CMMC is an acronym that stands for the “Cybersecurity Maturity Model Certification”. Put in simpler terms, if you are a defense contractor, or even a subcontractor, you need to be certified at a particular Maturity Level before you will even be allowed to bid for a contract that is sponsored ...
Achieving Cybersecurity Maturity Model Certification (CMMC) Level 1 compliance is essential for organizations involved in the defense sector. However, navigating the requirements and ensuring readiness can be daunting and expensive. That's where the DIY KIT for CMMC L1 self-assessment comes in. What is the DIY KIT? The DIY KIT is a comprehensive, cost-effective solution designed to help ...
In our previous blogs and whitepapers on the CMMC, there are two types of datasets that we have referred to, which are: FCI CUI In this article, we take a closer examination of the latter. What Is CUI? CUI is an acronym that stands for “Controlled Unclassified Information”. There is often confusion as to whether datasets or documents ...
The CMMC is an acronym that stands for the “Cybersecurity Maturity Model Certification”. As our past article and whitepapers have covered extensively, it is essentially where the Defense Industrial Base and their subcontractors have to achieve a certain level of certification before they are allowed to bid for work-related contracts. We are now in the ...
With this article, we now approach the last phase of preparing for your CMMC Certification, which is planning the ongoing maintenance of your security program. How It Is Done This realm falls under the category of what is known as Security Management. Obviously, you are going to have many controls in place in which you are going ...
Our last article examined the Gap Assessment that is necessary in order to achieve full CMMC compliance. In this one, we look at yet another different process, and that is how to implement everything with the Microsoft security stack. What Is All About As it was described previously, the purpose of the Gap Analysis is to discover, ...
Our last article examined the steps that your organization needs to take in order to complete the scoring process. This is an important step, as you will now have obtained a quantitative value that shows where your controls lie in terms of strengths and weaknesses. The next step is to get ready for the CMMC ...
In our last article, we examined some of the various ways in which your organization and subcontractors can conduct an assessment in order to gauge what the status of your existing controls are, and in what areas they need to be improved upon. This is all part of the effort to become compliant with the ...
