The Department of Defense (DoD) has recently published a proposed rule of the Cybersecurity Maturity Model Certification (CMMC) program, marking a pivotal development in the realm of defense contracting and cybersecurity. This initiative marks a significant step in the evolution of cybersecurity standards that define how defense contractors must safeguard sensitive information. The CMMC 2.0 […]
Cybersecurity is the practice of protecting your digital assets from unauthorized access, use, or damage by malicious actors. It is essential for small businesses because they often store sensitive data such as customer information, financial records, intellectual property, and trade secrets. Moreover, small businesses may rely on online platforms and services to operate and communicate […]
Microsoft 365 E5 is a comprehensive suite of productivity tools and cloud-based services offered by Microsoft. Designed for businesses of all sizes, Microsoft 365 E5 provides advanced security features, enhanced collaboration capabilities, and a range of applications to boost productivity. Whether you are a small or a large defense contractor, Microsoft 365 E5 can transform […]
Today’s organizations need a new security model that more effectively adapts to the complexity of the modern environment, embraces the hybrid workplace, and protects people, devices, apps, and data wherever they’re located. For Cloud Only and Cloud/On-Premise hybrid environments, a comprehensive cybersecurity program will help you effectively manage and protect all your devices and identities, […]
Small and mid-sized businesses seeking to secure contracts with the Department of Defense (DoD) must adhere to growing cybersecurity standards including the Cybersecurity Maturity Model Certification (CMMC). CMMC certifies that businesses can protect Controlled Unclassified Information (CUI) that they create or receive as part of their business with the DoD. Unfortunately for many, navigating the […]
The new Defense Federal Acquisition Regulation Supplement (DFARS) 252.204-7024 final rule is here! It was recently implemented by the Department of Defense (DoD) to revise how contracting officers use the Supplier Performance Risk System (SPRS) when evaluating bids for contracts. The final rule requires contracting officers to consider item risk, price risk, and supplier risk data when […]
Due to a recently pushed Microsoft patch roll-up, Microsoft Defender ASR (Attack Surface Reduction) rules are removing icons in the Start Menu and invalidating Quick Launch icons for both non-Microsoft and some Microsoft applications. This is a worldwide phenomenon and a known issue. Microsoft is aware and working to resolve this. Ardalyst is implementing the […]
For the last few years, CMMC, the Cybersecurity Maturity Model Certification, has been a huge topic of discussion among the U.S. Government and the Defense Industrial Base (DIB). What started as an Executive Order over a decade ago to protect CUI has had a slow, incremental rollout, and revisions. Now, with CMMC 2.0, defense contractors […]
The time to get CMMC compliant is now! Stacy Bostjanick, the Department of Defense’s Chief Information Officer, announced that they are eyeing March 2023 for the release of CMMC 2.0, and the DoD would begin implementing CMMC in contracts as early as May 2023. Depending on where you are in your compliance journey, this leaves […]
Since November 30, 2020, the DFARS 252.204-7019 clause has required DoD contractors to complete a Basic Assessment of their compliance with NIST 800-171. A Basic Assessment is a self-assessment using your organization’s System Security Plan (SSP) and Plan of Actions and Milestones (POAM) to calculate your score out of NIST 800-171’s 110 controls. This score […]