Foster Charles

CMMC Certification: Why SIEM Should Matter to You

CMMC Certification: Why SIEM Should Matter to You

The cybersecurity maturity model certification (CMMC) is a journey towards proactive security, whereby organizations ultimately shift their focus to preventing security events from occurring in the first place.

Do You Know Which of the CMMC Levels You Should Choose?

Do You Know Which of the CMMC Levels You Should Choose?

Prior to the Cybersecurity Maturity Model Certification, defense contractors were responsible for implementing, maintaining, and assessing their own cybersecurity practices in accordance with the NIST Special Publication 800-171. CMMC aims to improve upon those measures and unify them in a single framework that applies to all defense contractors and subcontractors. It also introduces a number of ...

What Are the CMMC Level 5 Controls?

What Are the CMMC Level 5 Controls?

Level 5 is the highest of all the CMMC levels, and the most time-consuming and complicated to achieve. While this level only adds 15 new CMMC controls, they are far more complex and burdensome to implement and manage than most of those from previous levels. Furthermore, there is the cumulative challenge of implementing all the controls from previous levels for a grand total of 171. In other ...

What Are the CMMC Level 3 Controls?

What Are the CMMC Level 3 Controls?

While the controls introduced in CMMC levels 1 and 2 present the bare minimum of adequate security, the third level is where things culminate. This is also the level that most organizations should be aiming for, not least because it presents the minimum baseline security standards required for an organization to legally handle controlled unclassified information (CUI).

What are the CMMC Level 2 controls?

What are the CMMC Level 2 controls?

With 72 controls spanning all but two of the 17 domains, CMMC level 2 presents a significant step up from the first level. However, it is also widely considered to be a transitional phase in developing sufficiently robust cybersecurity standards, since most businesses will ultimately be aiming for the third level.

What are the CMMC Level 1 Controls?

What are the CMMC Level 1 Controls?

Businesses embarking on their CMMC journey will most likely be aiming for CMMC level three, which is the requirement for handling controlled unclassified information (CUI). However, the demands of level 3 are no easy feat to achieve, hence the importance of the two transitional steps that precede it. Of all the CMMC levels, the first is by far the least demanding, since it only consists of 17 ...

How CMMC Level 1 Provides a Foundation for Future Levels

How CMMC Level 1 Provides a Foundation for Future Levels

The first level of the CMMC framework is intended to serve as an introduction to further CMMC levels. While every organization will ultimately need to achieve a higher level to sign contracts with the DoD, CMMC level one is an important starting point. It is also by far the easiest level to implement, since it consists of only 17 actionable controls. By contrast, level 5, which is the highest ...

How Can Gaps in Your IT Security Affect CMMC Compliance?

How Can Gaps in Your IT Security Affect CMMC Compliance?

By now, most business leaders understand the importance of achieving adequate IT security standards, especially if they have contracts with the US Department of Defense. The CMMC program aims to standardize these requirements across the entire Defense Industrial Base, effectively replacing the DFARS 252.204-7012 clause.

Mistakes to Avoid When Looking for a CMMC Auditor

Mistakes to Avoid When Looking for a CMMC Auditor

The cybersecurity maturity model certification (CMMC) is a unified framework that is intended to regulate and enforce information security standards across the entire defense supply chain. Unlike with the previous DFARS clause, which is based on the NIST 800-171 framework, self-assessments are no longer enough. Instead, you must engage with a CMMC auditor who has been approved by the CMMC ...

CMMC AB: What to Know About the CMMC Accreditation Body

CMMC AB: What to Know About the CMMC Accreditation Body

The cybersecurity maturity model certification (CMMC) is a regulatory framework that governs information security throughout the entire defense industrial base (DIB). All new contracts with the DIB already specify a minimum level of security maturity that contractors must meet before they can work with the DoD. CMMC spans five levels, with the third level being the minimum required for any ...