Entries by Robert Duffy

The Pentagon Updates CMMC Timeline

When CMMC 2.0 was announced in 2021, the original timeline included a 9-24 month implementation process. Since then, we have all been anxiously waiting to hear whether this was on track. In an event hosted by NDIA New England, Stacy Bostjanick, the CMMC director, announced the Pentagon is on schedule to release two “Interim Final […]

Best Practices for Supply Chain Cybersecurity

The global supply chain crisis has revealed some pretty glaring holes in even the largest enterprises’ cybersecurity plans. To ensure your organization’s supply chain stays protected from the increasing threat of cyberattacks, consider these best practices as you fortify your security. Review Supply Chain Asset and Access Inventory Keeping accurate and comprehensive documentation of hardware, […]

The False Claims Act and NIST 800-171: What You Need to Know

Last fall, the Department of Justice (DOJ) announced its new Civil Cyber Fraud Initiative to enforce cybersecurity standards and reporting requirements. Let’s dive into how the Civil Cyber Fraud Initiative, False Claims Act (FCA) and NIST 800-171 relate to one another and how your organization should approach ensuring your compliance with your government contracts. What […]

Remote Workforce Cybersecurity Checklist

At this point, we’ve all grown accustomed to working remotely. But oftentimes, comfort becomes complacency, so we created a quick remote workforce security checklist to realign your teams. Read on for ways to fortify your remote workforce cybersecurity practices. Restate Your Standard Operating Practices Your company most likely has a remote workforce security policy, so […]

Key Components of CMMC 2.0 Scoping Guides

In January, the DoD rolled out updates to Cybersecurity Maturity Model Certification (CMMC) 2.0. One of the biggest announcements was the introduction of Scoping Guides for CMMC Levels 1 and 2, which were designed to better guide organizations seeking NIST 800-171 and CMMC compliance through a clearer assessment process. Below we’ll examine what’s included in […]

Email Security Best Practices for Employees

For the most part, email security best practices have remained consistent. Don’t click unknown links. Avoid easy passwords and block spammers. However, email is, by far, the most common mode of communication for employees (an estimated 306.4 billion emails were sent each day in 2020!), so it’s important they understand the security risks associated with […]