• NIST 800-53 Revision 5 Security and Privacy Controls for Systems and Organizations

    DoD CMMC Proposed Rule has been released! — What Next?

    On December 26th, the Cybersecurity Maturity Model Certification (CMMC) proposed Rule was officially released for review. The comment period is open through 26 February 2024, and publication of the title 48 CMMC Rule is not expected until March. The final rule itself won’t likely go into effect until early 2025. The proposed rule reaffirmed that ... Read More →

  • Who’s Watching the Watchmen?

    The majority of large organizations have a solid security posture, devoting significant resources to ensure that their systems are secure. But why do some of these same organizations experience massive security failures with breaches that compromise their clients’ data, leading to long-term damage to the company’s reputation? It’s because sometimes bad things do happen in ... Read More →

  • New Update to NIST 800-171 (Revision 3) Coming Soon…

    The next update to NIST SP 800-171, “Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations,” is expected to be released in late Spring or early Summer of this year. NIST SP 800-171 is the source for contractor security requirements in Department of Defense regulations and the Cybersecurity Maturity Model Certification (CMMC) program. An initial public ... Read More →

  • CMMC may be delayed – But it’s not going away. Here is what you still need to do now……

    As you have likely heard, CMMC Rulemaking will be delayed for at up to a year due to additional Government entities review and approval. The Government may also be looking at improving requirement consistency and standardizing those requirements so that they can also be applied to non-DOD agencies. However, it is certain that DoD prime ... Read More →

  • Frequent Findings from the Most Recent Joint Surveillance Voluntary Assessments (BETA)

    As a Registered Practitioner Organization, BSC is directly involved with the CMMC Cyber-AB organization and attends multiple meetings and town halls to stay current on the CMMC landscape. While no official CMMC assessments will be performed until rulemaking is completed, here are some of the common issues that arose during the voluntary beta assessments. Organizations ... Read More →