Microsoft 365 E5 is a comprehensive suite of productivity tools and cloud-based services offered by Microsoft. Designed for businesses of all sizes, Microsoft 365 E5 provides advanced security features, enhanced collaboration capabilities, and a range of applications to boost productivity. Whether you are a small or a large defense contractor, Microsoft 365 E5 can transform […]
Small and mid-sized businesses seeking to secure contracts with the Department of Defense (DoD) must adhere to growing cybersecurity standards including the Cybersecurity Maturity Model Certification (CMMC). CMMC certifies that businesses can protect Controlled Unclassified Information (CUI) that they create or receive as part of their business with the DoD. Unfortunately for many, navigating the […]
The new Defense Federal Acquisition Regulation Supplement (DFARS) 252.204-7024 final rule is here! It was recently implemented by the Department of Defense (DoD) to revise how contracting officers use the Supplier Performance Risk System (SPRS) when evaluating bids for contracts. The final rule requires contracting officers to consider item risk, price risk, and supplier risk data when […]
For the last few years, CMMC, the Cybersecurity Maturity Model Certification, has been a huge topic of discussion among the U.S. Government and the Defense Industrial Base (DIB). What started as an Executive Order over a decade ago to protect CUI has had a slow, incremental rollout, and revisions. Now, with CMMC 2.0, defense contractors […]
The time to get CMMC compliant is now! Stacy Bostjanick, the Department of Defense’s Chief Information Officer, announced that they are eyeing March 2023 for the release of CMMC 2.0, and the DoD would begin implementing CMMC in contracts as early as May 2023. Depending on where you are in your compliance journey, this leaves […]
Since November 30, 2020, the DFARS 252.204-7019 clause has required DoD contractors to complete a Basic Assessment of their compliance with NIST 800-171. A Basic Assessment is a self-assessment using your organization’s System Security Plan (SSP) and Plan of Actions and Milestones (POAM) to calculate your score out of NIST 800-171’s 110 controls. This score […]
There has been a lot of speculation about the Cybersecurity Maturity Model Certification (CMMC) in recent years. Some question whether it will ever be required. Others see its delay as a sign of failure. Whatever your thoughts, the lull we’re experiencing has fueled inactivity amongst the defense industrial base (DIB). Many small and midsize businesses […]
If you’re a small or mid-sized business that’s wondering how you will afford to meet growing cybersecurity requirements, you’re not alone. Many small and mid-sized businesses struggle to budget for the necessary technology and resources to keep their data and their business safe because the tools are either far too expensive or require large purchase […]
On November 4, the Defense Department announced significant changes to its Cybersecurity Maturity Model Certification (CMMC) program with plans to eliminate third-party certifications for the lowest level of assessment, add a method for resolving assessment issues, and initiate new rulemaking efforts, among other changes. CMMC 2.0 maintains the program’s original goal of protecting sensitive information […]
The first CMMC Third Party Assessor Organization (C3PAO) was announced and listed on the CMMC Marketplace earlier this month. There are at least 156 known organizations aspiring for C3PAO status to pass the full Defense Industrial Base Cybersecurity Assessment Center (DIBCAC) assessment at CMMC Level 3. Ardalyst is one of those companies. The announcement of […]