I have noticed something recently from some members of the CMMC consulting community. Create fear. Statements like CMMC will be in contracts in May of next year and if you are not CMMC compliant you will not be able to get DoD contracts are in their sales pieces. Here is the reality. CMMC is really […]
Continue reading → [DISPLAY_ACURAX_ICONS]To say that DoD’s plans to enhance the cybersecurity practices of the defense industrial base have not gone exactly as planned would be polite. White House Executive Order 13556, creating controlled unclassified, was issued in 2010. 12 years later, DoD is still wrestling with the issue. DFARS 252.204-7012, which mandated NIST 800-171 compliance, became effective […]
Continue reading → [DISPLAY_ACURAX_ICONS]CMMC just became more complicated or more simple. The feds published an advance notice of proposed rulemaking (ANPR) for CMMC 2.0 and then just as quickly, unpublished it. The Federal Register, the place where official notices are published only said that they asked for it to be unpublished. So people saw the ANPR for about […]
Continue reading → [DISPLAY_ACURAX_ICONS]USTRANSCOM Starts CMMC Lite Now The DoD’s transportation command, the folks who are in charge of getting all the stuff that the military needs from where it is to where it needs to be, has announced that they are implementing a light version of CMMC NOW instead of waiting for the five years that it […]
Continue reading → [DISPLAY_ACURAX_ICONS]DoD Working on CMMC-Fedramp ‘Reciprocity’ by Year End CMMC, the DoD’s new cybersecurity standard is designed to measure security practices of companies and the servers in the computer rooms and data centers. But what about the stuff in the cloud. That is covered by another government standard called FedRAMP. But those two standards have different […]
Continue reading → [DISPLAY_ACURAX_ICONS]Visser Precision, a precision parts contract manufacturer based in Denver, Colorado, has confirmed a “cybersecurity incident”. Visser makes parts for the likes of Tesla, Space X, Boeing and defense contractor Lockheed Martin. The ransomware was DoppelPaymer, is one of the Ransomware 2.0 variants that steal the data before they encrypt it. Some of that data […]
Continue reading → [DISPLAY_ACURAX_ICONS]