Since November 30, 2020, the DFARS 252.204-7019 clause has required DoD contractors to complete a Basic Assessment of their compliance with NIST 800-171. A Basic Assessment is a self-assessment using your organization’s System Security Plan (SSP) and Plan of Actions and Milestones (POAM) to calculate your score out of NIST 800-171’s 110 controls. This score […]
There has been a lot of speculation about the Cybersecurity Maturity Model Certification (CMMC) in recent years. Some question whether it will ever be required. Others see its delay as a sign of failure. Whatever your thoughts, the lull we’re experiencing has fueled inactivity amongst the defense industrial base (DIB). Many small and midsize businesses […]
If you’re a small or mid-sized business that’s wondering how you will afford to meet growing cybersecurity requirements, you’re not alone. Many small and mid-sized businesses struggle to budget for the necessary technology and resources to keep their data and their business safe because the tools are either far too expensive or require large purchase […]
Only two years into the new decade and our nation has been faced with increasing operational challenges. The pandemic turned us into a “remote-first world” making us more digitally dependent than we’ve ever been. As we’ve made this digital shift, we’ve also seen our traditional cybersecurity perimeters do the same to account for cloud solutions […]
The first CMMC Third Party Assessor Organization (C3PAO) was announced and listed on the CMMC Marketplace earlier this month. There are at least 156 known organizations aspiring for C3PAO status to pass the full Defense Industrial Base Cybersecurity Assessment Center (DIBCAC) assessment at CMMC Level 3. Ardalyst is one of those companies. The announcement of […]
John A. Ellis, Director of the Defense Contract Management Agency (DCMA) Software Division presided over a webinar with Ardalyst Mar. 3rd to assist the company’s efforts to help defense contractors understand the new Defense Acquisition Regulations System (DFARS) interim rule, requirements, and assessment methodology. With the new DFARS interim rule, defense contractors are facing increased scrutiny […]
The Department of Defense (DoD) Undersecretary for Acquisition and Sustainment is developing a unified cybersecurity standard for DoD acquisitions, the Cybersecurity Maturity Management Certification (CMMC). With the recent release of version 0.4 of the draft framework, we have much more information to start planning ahead for this requirement, though changes are expected after review and […]