When you cut through the marketing hype, when you ignore all the LinkedIn trolls predicting doom of the Cybersecurity Maturity Model Certification program you realize CMMC did not rise out of the blue. When you read the history you will find nothing really new. CMMC simply requires third party attestation of what defense contractors already…

Spreading the Wings of CMMC Ethics

As we create the Cybersecurity Maturity Model Certification (CMMC) program we need to consider the ethics behind our goals. Otherwise the program will wither on a vine rather than break from the Chrysalis and spread its wings. History of Ethics in Compliance In 1907 at the 20th Anniversary of the American Association of Public Accountants…

Warning: Undefined array key 0 in /home/ctcmmcco/northeastcmmc.org/wp-content/plugins/indieweb-post-kinds/views/kind-video.php on line 25

https://www.youtube.com/watch?v=SFjGJ4bal9Q&list=PLTwPLYYqvojqbkfYLOOOxboYH4XF_MGJ6&index=6

In this video, Dana interviewsMichael Puldy, CEO of Puldy Resiliency Partners. They discuss  -Crisis Communication -CMMC -Why Should DoD Contractors Be Looking To Level 3 of CMMC -Levels of CMMC -Which part of the NIST framework relates to crisis and incident management? -What is the correct amount or level of communication during a crisis? -A…

Know Your Role when Swimming in CMMC Alphabet Soup

Humans get drawn to to thinking in threes. Holy Trinity, Three Little Pigs, Zelda Triforce, A kid, his Dad, and a Ghost (Star Wars…already mentioned Christianity). Examples exist in our culture, thinking, and governance. In writing we call it the Rule of Three. Think your five paragraph essay with three supporting details. Three baby ducks…

CyberSecurity Begins with Awareness and Training

It always comes down to the humans. The best security but the tiniest friction and all systems fail. That 2% of DNA separating us from chimpanzees really messes with your cyber hygiene. If you want security you need to focus on the biggest attack vector: people. The Cybersecurity Maturity Model Certification program revolves around a…

Roots of CyberSecurity

So many people complain bout the forest and trees in the Cybersecurity Maturity Model Certification. Some look to the trees and can write 5,000 word essays pulling about the etymology of a single word. They never see the forest. “Forest Turnover” by Nicholas_T is licensed under CC BY Others claims CMMC will rise only to…

Inventory Matters

Inventory matters. As Sarah Spencer CEO of SolonTek notes, “You cannot protect what you cannot see.” “dandoodlescan065-inventory is waste” by Inha Leex Hale is licensed under CC BY Now some people read the CMMC assessment guide for Level One and think, “Huh no inventory needed?” Not true. You may not need to show your inventory…

Minimum Elements For a Software Bill of Materials (SBOM)

On July 12th the NTIA and the Department of Commerce released a document of interest to any software developer: The Executive Order (14028) on Improving the Nation’s Cybersecurity directs the Department of Commerce, in coordination with the National Telecommunications and Information Administration (NTIA), to publish the “minimum elements” for a Software Bill of Materials (SBOM).…

Warning: Undefined array key 0 in /home/ctcmmcco/northeastcmmc.org/wp-content/plugins/indieweb-post-kinds/views/kind-video.php on line 25

https://www.youtube.com/watch?v=JjJkyByInQc&t=123s

The People Side Of CMMC | What Can OSCs Due To Maximize The People Element Of CMMC Check the following link to learn more about our content: https://www.identityprotectionplannin… In this video, I am interviewing Carter Schoenberg from SoundWay Consulting. We had a discussion over the following Subjects: -The people side of CMMC -What can OSCs…