• Who’s Watching the Watchmen?

    The majority of large organizations have a solid security posture, devoting significant resources to ensure that their systems are secure. But why do some of these same organizations experience massive security failures with breaches that compromise their clients’ data, leading to long-term damage to the company’s reputation? It’s because sometimes bad things do happen in ... Read More →

  • FedRAMP Revision 5 has been Released!

    The FedRAMP Joint Authorization Board has approved the FedRAMP Revision 5 baselines to align with Revision 5 of the National Institute of Standards and Technology (NIST) Special Publication 800-53. At a high level, the changes include the following: Aligns security controls with NIST 800-53 Revision 5 and adds additional guidance for many of the controls. ... Read More →

  • New Update to NIST 800-171 (Revision 3) Coming Soon…

    The next update to NIST SP 800-171, “Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations,” is expected to be released in late Spring or early Summer of this year. NIST SP 800-171 is the source for contractor security requirements in Department of Defense regulations and the Cybersecurity Maturity Model Certification (CMMC) program. An initial public ... Read More →

  • CMMC may be delayed – But it’s not going away. Here is what you still need to do now……

    As you have likely heard, CMMC Rulemaking will be delayed for at up to a year due to additional Government entities review and approval. The Government may also be looking at improving requirement consistency and standardizing those requirements so that they can also be applied to non-DOD agencies. However, it is certain that DoD prime ... Read More →

  • Frequent Findings from the Most Recent Joint Surveillance Voluntary Assessments (BETA)

    As a Registered Practitioner Organization, BSC is directly involved with the CMMC Cyber-AB organization and attends multiple meetings and town halls to stay current on the CMMC landscape. While no official CMMC assessments will be performed until rulemaking is completed, here are some of the common issues that arose during the voluntary beta assessments. Organizations ... Read More →