CMMC Implementation – Level 2 Incident Response

Introduction Earlier in this blog series, we discussed the importance of system audit logs and the regular review of those logs, and system alerts for events that lead to a failure in the audit logging process.  In this blog, we will look at what happens when...

Read More

CMMC Quarterly Update – June 2022

Update on Rulemaking From an article published by Sara Friedman[1] of Inside Cybersecurity, the DoD now expects to release interim rules two months earlier than expected — in March 2023 — and include CMMC requirements in contracts by May 2023, after the...

Read More

CMMC Implementation – Level 2 Configuration Management

Introduction Red Hat defines Configuration Management as “a process for maintaining computer systems, servers, and software in a desired, consistent state”.  [1]  In other words, a company will have a complete catalog of its systems’ original configurations,...

Read More

CMMC Implementation – Level 2 Audit and Accountability

Introduction Audit trails maintain a record of system activity, and provide the ability to establish individual accountability, detect system anomalies, and reconstruct system events using key records.  A robust Audit and Accountability program includes system...

Read More

CMMC Implementation – Level 2 Awareness and Training

Introduction Don’t be fooled by the “easy” look of the three controls in the Awareness and Training family of NIST SP 800-171, which are requirements in CMMC 2.0.  A training and awareness program takes a significant amount of time to plan and create, and...

Read More

We like to eat cookies.

This site uses cookies to ensure
the best user experience. 

Thank you for visiting our site.

About Cookies  |  Privacy Policy

I would like to opt-out of cookies.

Thank you for visiting our site!