Which Cybersecurity Frameworks Qualify for Safe Harbor?

Which Cybersecurity Frameworks Qualify for Safe Harbor?

The Health Insurance Portability and Accountability Act (HIPAA) enabled the development and implementation of standards for storing and handling protected health information (PHI). All covered entities (CE) that handle patient data, including pharmacies, hospitals, and even employers that provide health insurance plans to their employees, must follow these standards. HIPAA rules also apply to ...

What Is Connecticut’s Safe Harbor Law?

What Is Connecticut’s Safe Harbor Law?

The pandemic has proven to be a major challenge for businesses of all sizes, not only in terms of operations but also data security. With the rise in online communications and remote work, there has been an increase in the number of cyberattacks targeting businesses across the country.

How Does Vulnerability Scanning Keep My Company Compliant?

How Does Vulnerability Scanning Keep My Company Compliant?

Maintaining compliance with government regulations can be daunting for many companies. This is especially true when it comes to the Cybersecurity Maturity Model Certification (CMMC), which requires Department of Defense (DoD) contractors to implement specific security controls in order to protect sensitive data pertaining to national security.

Backup & Disaster Recovery's role in the CMMC framework

Backup & Disaster Recovery's role in the CMMC framework

The Cybersecurity Maturity Model Certification (CMMC) framework is the basis for Department of Defense (DoD) efforts to safeguard controlled unclassified information (CUI) across its vast worldwide supply chain. This framework comprises 171 practices that are stacked across 17 domains and 43 capabilities, each of which belongs to one of the maturity levels in the model.

What Security Services Are Necessary to Be Compliant with CMMC 2.0?

What Security Services Are Necessary to Be Compliant with CMMC 2.0?

On November 4, 2021, the Department of Defense (DoD) announced a massive overhaul of the Cybersecurity Maturity Model Certification (CMMC 1.0) program. The new framework, dubbed CMMC 2.0, is still being finalized and not yet publicly available, raising a lot of questions for many Defense Industrial Base (DIB) contractors and subcontractors about how they’ll need to adjust.

Your Top 5 CMMC 2.0 Questions Answered

Your Top 5 CMMC 2.0 Questions Answered

The Department of Defense’s (DoD) announcement of revamping their Cybersecurity Maturity Model Certification (CMMC) program has left many contractors trying to understand how the update will affect their compliance needs and audit requirements. To offer clarity and guidance on the new framework, we put together a list of the top five questions companies have been asking about CMMC 2.0.

What Companies Should Know About the DoD’s CMMC Update

What Companies Should Know About the DoD’s CMMC Update

On November 4, 2021, the Department of Defense (DoD) announced several changes to the Cybersecurity Maturity Model Certification (CMMC) program, now referred to as CMMC 1.0. CMMC 2.0, the updated version of the framework, is a culmination of the DoD’s months-long internal review of CMMC 1.0’s implementation and significant changes to the program’s strategic direction.

The Timeline for CMMC 2.0 Rollout: What You Should Know

The Timeline for CMMC 2.0 Rollout: What You Should Know

In November 2021, the Department of Defense (DoD) announced that the Cybersecurity Maturity Model Certification (CMMC) will be undergoing three major changes to help reduce costs, streamline the compliance process, and be better aligned with other federal standards.

Cybersecurity Maturity Model Certification (CMMC) 2.0: 3 Big Changes

Cybersecurity Maturity Model Certification (CMMC) 2.0: 3 Big Changes

Major changes are underway for the Cybersecurity Maturity Model Certification (CMMC) program. Previewed in an Advanced Notice of Proposed Rulemaking on November 4, 2021, the revamped program is called “CMMC 2.0”. This new certification model promises to streamline compliance for defense contractors and their suppliers, specifically by cutting the red tape, clarifying cybersecurity regulatory and ...

The Strategy Behind the DoD’s CMMC Update

The Strategy Behind the DoD’s CMMC Update

After months of internal study, the Department of Defense (DoD) has revealed its intention of updating the Cybersecurity Maturity Model Certification (CMMC) program. The following are the eight different strategic lines of thinking behind the DoD’s efforts to modify and expand the program.