NIST 800-53 Rev. 5 Adopts a Strategic Compliance Approach, Puts Privacy at a Premium

The National Institute of Standards and Technology’s (NIST) latest version of Special Publication 800-53 places an enhanced focus on privacy controls and supply chain risk management.

CMMC: Expert Advice on Cybersecurity Certification Next Steps

The recent release of the Interim DFARS rule has raised a lot of concern and questions among U.S. Department of Defense (DoD) contractors.

FIPS 140-2 and FedRAMP: A 3PAO Perspective

Many organizations understand encryption is the key to keeping sensitive information secure, but there are several options like modules and algorithms to choose from – many without an established standard.

Federal Compliance Definitions: A Glossary of Terms

The world of compliance is filled with acronyms and abbreviations for some of its more complicated regulation systems and organizations. There is perhaps no better example than the long list of acronyms associated with federal compliance laws.

What is the Cybersecurity Maturity Model Certification (CMMC)?

The Cybersecurity Maturity Model Certification (CMMC) is the Department of Defense’s (DoD) newest verification mechanism designed to ensure that cybersecurity controls and processes adequately protect Controlled Unclassified Information (CUI) that resides on Defense Industrial Base (DIB) systems and networks.
