On November 4, 2021, the US Department of Defense (DoD) announced a massive revamp of the Cybersecurity Maturity Model Certification (CMMC 1.0) program. The new framework, dubbed CMMC 2.0, aimed to eliminate red tape for small- and medium-sized businesses and strengthen cooperation between the DoD and contractors in addressing ever-evolving cyberthreats.
With CMMC 2.0, the goal remains the same: protect federal contract information (FCI) and controlled unclassified information (CUI). To streamline the assessment process, CMMC 2.0:
- Reduces certification levels from five to three
- Removes maturity processes and CMMC-exclusive practices
- Aligns CMMC Levels 2 and 3 requirements with National Institute of Standards and Technology Special Publication 800-171 and 800-172 controls
- Allows the use of time-limited waivers and plans of action and milestones (POAMs)
While no part of the CMMC 2.0 framework mentions the dark web, defense contractors must understand how the dark web threatens the security of FCI and CUI. In this blog, we will discuss the dark web and how dark web monitoring can help with your CMMC assessment.
What is the dark web?
The dark web is a hidden part of the internet that is accessible only through special web browsers. Connections to the dark web are routed through multiple layers of encryption, making it difficult to track down the physical locations of its web servers.
The dark web has legitimate uses, such as accessing geo-restricted websites and enabling journalists and protesters to express their views while staying anonymous. However, cybercriminals also use it to buy and sell illegal and dangerous items such as weapons, drugs, and child pornography, as well as stolen personal information, including:
- Passwords
- Email addresses
- Passport numbers
- Social Security numbers
- Bank accounts
- Credit and debit card numbers
- Medical records
- Phone numbers
- Residential addresses
The dark web also poses a threat to defense contractors. For instance, if an organization suffers a data breach, sensitive data, such as FCI and CUI, might end up on the dark web and be sold to threat actors, such as enemies of the state.
To combat this risk, it’s important for defense contractors to implement dark web monitoring.
What is dark web monitoring?
Dark web monitoring is the process of scanning the dark web for stolen digital assets such as personally identifiable information and intellectual property. Dark web monitoring services search forums, illegal marketplaces, and other websites to locate and identify potential data breaches.
How does dark web monitoring help with CMMC compliance?
There are various ways dark web monitoring can benefit your organization. For instance, it can help you:
Quickly find out if your data has been compromised
Normally, it can take months for you to discover that your business has suffered a data breach. By that time, stolen CUI and FCI have likely been sold to cybercriminals already. But by monitoring the dark web, you will be able to detect a data breach quickly, allowing you to respond sooner and minimize the damage that the breach could cause.
Develop an action plan to enhance your security posture
Proactive threat hunting and threat intelligence are key to achieving a high CMMC cybersecurity level. By using a dark web monitoring service, you can better gauge the risk of data breaches, domain spoofing, accidental data leaks, and other potential cyberthreats. This will help you classify and prioritize various threat sources and optimize your cybersecurity.
What should you look for in a dark web monitoring service?
When vetting a dark web monitoring service for your organization, consider the following characteristics:
- Proactive monitoring of compromised information: This gives you ample time to respond to a potential threat and prevent further data breaches.
- Round-the-clock monitoring: A good dark web monitoring service should be capable of continuously monitoring black market sites, hidden chat rooms, and private websites for CUI and FCI.
- Threat intelligence: An effective dark web monitoring solution can evaluate industry patterns and use that information to protect your business from common types of cyberattacks.
Ready to get started with your CMMC compliance?
Aside from dark web monitoring, you also need endpoint encryption, security awareness training, and external vulnerability scanning to achieve CMMC 2.0 certification. Charles IT offers all of these services! We can also identify weak spots in your company’s IT infrastructure and provide you with a remediation plan that addresses them. Finally, we can guide you throughout the CMMC assessment process, from getting recommended auditors to producing the evidence needed to prove your security posture. Contact us today to learn more!