Vendor Risk in CMMC: How External Providers Affect Evidence and Control Responsibility
To understand why external providers can have such a big impact in terms compliance with the DFARS 252.204-7012, DFARS 252.204-7021, and 32 CFR Part 170
To understand why external providers can have such a big impact in terms compliance with the DFARS 252.204-7012, DFARS 252.204-7021, and 32 CFR Part 170
When most organizations undergo a digital transformation, they do so with the goal of breaking down data silos to allow information to freely flow across
Insert Coin: Introduction If you’ve ever played a video game sequel, you know the feeling. The first game took you hundreds of hours. You learned the mechanics, figured out
When the Rules and Reality Don’t Quite Line Up A few days ago, as I was preparing myself a nutritious midnight snack, a bowl of Cap’n Crunch cereal. Don’t shame me. It has some vitamins
Also referred to as Cybersecurity Maturity Model Certification, CMMC compliance is a unified standard established to protect sensitive (albeit unclassified) information that is being shared
Picture two organizations virtually identical in size, industry, systems, and Controlled Unclassified Information (CUI) environment going through their CMMC Level 2 Certification Assessment on the same week. One walks
Connect the Clues: Introduction You’ve probably seen at least one detective show in your lifetime. Whether it was a grizzled, old-school investigator with a corkboard
Hyperactive Imagination: Introduction What comes to mind when you think about data at rest being protected? Do you think about three-dimensional ones and zeros with
That Shepherd Boy Looks Familiar! As I prepare to talk about the Cost of CMMC, I’d like to ask you to reminisce with me. Do
For Managed Service Providers (MSPs), offering GRC as a Service (GRCaaS) may be an overlooked revenue opportunity in today’s regulated market. While many MSPs have avoided governance, risk,