Etactics

NOVEMBER 9, 2021

On November 4, 2021, the Acquisition and Sustainment Office of the Under Secretary of Defense (OUSD A&S) announced a new strategic direction for the Cybersecurity Maturity Model Certification (CMMC) framework. The launch of CMMC 2.0 These changes will have far-reaching implications throughout the CMMC ecosystem.

52

52

Etactics

AUGUST 10, 2021

What I just wrote may sound like it’s a bold statement. Of course, what I’m referring to is the upcoming enforcement of the Cybersecurity Maturity Model Certification (CMMC). Maybe that’s what ultimately led you to this blog post. Yet, Lockheed Martin made $50.7 billion in revenue from DoD contracts in 2017 alone.

Regulations 52

Regulations 52

Etactics

OCTOBER 5, 2021

CMMC stands for the Cybersecurity Maturity Model Certification. The first, and most important, absolute is that the Department of Defense is the governing body that’s mandating CMMC. The DoD plans on enforcing it from now until 2025, steadily increasing the number of contracts that contain CMMC as a requirement.

Regulations 52

Regulations Process improvement 52

Etactics

DECEMBER 9, 2021

Table of Contents Town Hall Overview Credits for Exam Vouchers C3PAO Assessment Vouchers Renewals On Proposed Changes in CMMC 2.0 Concerns of CMMC 2.0 Benefits of CMMC 2.0 Town Hall Overview On November 30, 2021, the CMMC-AB held a scheduled Town Hall meeting to update the CMMC Ecosystem and defense industrial base (DIB).

Accountability 52

Accountability Integration 52

Etactics

AUGUST 31, 2021

Table of Contents Individuals Performing Services (IPS) Training Registered Practitioner (RP) Training Registered Provider Organization (RPO) Training Certified Third-Party Assessor Organization (C3PAO) Training CMMC Professionals (CCPs) and CMMC Assessors (CCAs) CMMC Provisional Assessor Training Conclusion.

52

52

Etactics

AUGUST 3, 2021

Although what I just wrote is good news, it’s also a logistical nightmare. I don’t think what I’m about to write is the case, but it seems like that statistic is almost directly targeting DoD contractors. One of the biggest reasons why I jokingly think that is because of what the DoD introduced on January 31, 2020.

Regulations 52

Regulations 52

Etactics

JULY 27, 2021

Enter CMMC, stage left. The Cybersecurity Maturity Model Certification (CMMC) is the result of a push by the Department of Defense (DoD) to protect the confidential information that its contractors deal with daily. The first version of CMMC came out in January 2020 and it affects all DoD contractors and their entire supply chain.

Integration 52

Integration Regulations Accountability 52

Etactics

MARCH 25, 2022

Written policies document nearly one-third of the 320 assessment objectives within CMMC. In fact, there are 281 results if you search for “policy” or “policies” in the CMMC Assessment Guide - Level 2. CMMC Guidance on Policies. CMMC Version 1 had specific requirements for each domain policy. CMMC Version 2.0

Regulations 52

Regulations Integration 52

Etactics

JULY 12, 2022

The Cybersecurity Maturity Model Certification (CMMC) requirement for organizations working in the defense industrial base (DIB) is no different. There will be a third level for integrators and organizations dealing with what DoD has deemed to be the most critical CUI but they have not published the requirements for this level yet.

Accountability 52

Accountability Integration 52

Etactics

NOVEMBER 22, 2022

At the time of writing this blog, there are currently 29 CMMC 3rd Party Assessor Organizations (C3PAOs) listed in The Cyber AB Marketplace. They started by providing SOC 2 services as a Certified Public Accounting firm. The CMMC Compliance Journey. Kompleye’s decision to pursue CMMC accreditation had two driving factors.

Accountability 59

Accountability 59

Etactics

JANUARY 4, 2022

Of course, what I’m referring to is the Cybersecurity Maturity Model Certification (CMMC). Maybe you’re already familiar with the acronym and heard that the DoD recently pushed out the massive update, CMMC 2.0. Maybe you’re already familiar with the acronym and heard that the DoD recently pushed out the massive update, CMMC 2.0.

Integration 52

Integration Regulations Accountability 52

Etactics

OCTOBER 14, 2021

There were a lot of unanswered questions during the September 2021 CMMC Accreditation Board (CMMC-AB) Town Hall. The topics discussed added to the number of questions that the ecosystem had for the CMMC-AB this meeting. But the CMMC-AB only answered one of the questions that we planned on covering during the Q&A Town Hall.

Prevention 52

Prevention Accountability 52

Etactics

JANUARY 18, 2022

Changing of The Guard December’s CMMC-AB Town Hall event ushered in a changing of the guard within the accreditation body's board of directors. Mr. Johnson was the first Chairman elected at the CMMC-AB in January 2021. Scoping Guide Matthew Travis briefly walked through the Level 2 Scoping Guidance document. via CMMC-AB.

Regulations 52

Regulations Prevention 52

Etactics

MAY 12, 2022

The purpose of this blog is to: Explain why you need to have an SSP Identify necessary components Review formatting considerations Discuss Plans of Action & Milestones (POA&M) Explore Automation for SSP Generation. There is interest, to have a better understanding of what controls are there to protect this information.

52

52

Etactics

OCTOBER 12, 2021

It’s been over a year since the initial announcement of the upcoming Cybersecurity Maturity Model Certification (CMMC) implementation plan. Since then, thousands of blog posts and videos on the topic now exist (some of which came from us). He was on campus as the keynote speaker for the 2021 CMMC Summit, hosted by Rea & Associates.

Regulations 52

Regulations 52