• NIST 800-53 Revision 5 Security and Privacy Controls for Systems and Organizations

    DoD CMMC Proposed Rule has been released! — What Next?

    On December 26th, the Cybersecurity Maturity Model Certification (CMMC) proposed Rule was officially released for review. The comment period is open through 26 February 2024, and publication of the title 48 CMMC Rule is not expected until March. The final rule itself won’t likely go into effect until early 2025. The proposed rule reaffirmed that ... Read More →

  • Who’s Watching the Watchmen?

    The majority of large organizations have a solid security posture, devoting significant resources to ensure that their systems are secure. But why do some of these same organizations experience massive security failures with breaches that compromise their clients’ data, leading to long-term damage to the company’s reputation? It’s because sometimes bad things do happen in ... Read More →

  • FedRAMP Revision 5 has been Released!

    The FedRAMP Joint Authorization Board has approved the FedRAMP Revision 5 baselines to align with Revision 5 of the National Institute of Standards and Technology (NIST) Special Publication 800-53. At a high level, the changes include the following: Aligns security controls with NIST 800-53 Revision 5 and adds additional guidance for many of the controls. ... Read More →

  • New Update to NIST 800-171 (Revision 3) Coming Soon…

    The next update to NIST SP 800-171, “Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations,” is expected to be released in late Spring or early Summer of this year. NIST SP 800-171 is the source for contractor security requirements in Department of Defense regulations and the Cybersecurity Maturity Model Certification (CMMC) program. An initial public ... Read More →

  • CMMC may be delayed – But it’s not going away. Here is what you still need to do now……

    As you have likely heard, CMMC Rulemaking will be delayed for at up to a year due to additional Government entities review and approval. The Government may also be looking at improving requirement consistency and standardizing those requirements so that they can also be applied to non-DOD agencies. However, it is certain that DoD prime ... Read More →