Rulemaking Timeline for CMMC DFARS Rule The proposed CMMC Rule has been submitted to the Office of Information and Regulatory Affairs. Several groups (mostly cybersecurity professionals) have met with DoD CIO and OIRA to give recommendations for the rule. Most Read More
𝐇𝐨𝐰 𝐥𝐨𝐧𝐠 𝐝𝐨𝐞𝐬 𝐢𝐭 𝐭𝐚𝐤𝐞 𝐚 𝐜𝐨𝐦𝐩𝐚𝐧𝐲 𝐭𝐨 𝐠𝐨 𝐛𝐚𝐧𝐤𝐫𝐮𝐩𝐭 𝐢𝐭 𝐰𝐡𝐞𝐧 𝐜𝐚𝐧’𝐭 𝐰𝐢𝐧 𝐰𝐨𝐫𝐤? One year? Two? Three? Let me tell you a story about how a system of perverse incentives caused our current cybersecurity situation in the Defense Read More
Achieving Cloud Compliance in the Age of CMMC, CUI, and DFARS 7012: How secure are your cloud vendors?
Will CMMC assessors stick to just the CMMC requirements or will they review your compliance to CUI-specified handling and other regulations?
A guided review of DFARS 252.204-7012 covering the topics: What is a covered contractor information system? What is Covered Defense Information?
Answers to common questions about how to submit your NIST SP 800-171 self assessment to SPRS. Register an account, how to handle multiple…
Hello folks, This is week’s update is pretty short. The DFARS Interim Rule is still the biggest news. Other topics are the new DoD CUI website which has great resources for contractors, and word-of-mouth updates on the CMMC-AB’s registered practitioner Read More
DFARS rule update for CMMC The acquisitions office has proposed an amendment to DFARS 252.204-7012, which is the contract rule that currently requires a high level of cybersecurity for the majority of Defense Contractors. The amendment is expected to replace Read More
Why is there a page for DFARS 252.204-7012 on a CMMC website? DFARS 252.204-7012 is a contract requirement for defense contractors that handle or might handle Controlled Unclassified Information (CUI). Unlike the CMMC, DFARS 7012 is currently required and should Read More