The CMMC Proposed Rule comes with lots of emotion. To help you separate fact from fiction, we sat down with our CMMC experts and asked the questions on everyone’s mind. Why is CMMC happening? The DoD addressed this query. “Because of the across-the-board risks of not implementing cybersecurity requirements, DoD was unable to identify any … Continued
When your credit card was skimmed at the local gas station, you stopped going there for a fill-up. When an online retailer was hacked, and your information was stolen, you got smarter about sharing data. When an odd text message asks you to click the link, you delete it. As consumers, we’re well aware of … Continued
AI is the acronym on everyone’s lips this summer. Generative AI tools have gone mainstream, and nearly everyone has heard an AI use case that piques their interest. But you’ve got questions about the cost, the security, and how to use your data because you’re a small business, not an enterprise with massive resources. AI … Continued
Cybersecurity is like a game of “telephone” where you whisper a phrase to the next person in line. One mistake in the chain passes to others, changing the outcome. While the slip-ups are fun for a party game, no one is amused by a breach or hack in their extended network. With serious consequences on … Continued
Despite working in cybersecurity and hearing about all types of incidents, I was riveted as my friend described how the attack rolled out and how employees reacted. In fact, I thought about the story several times during the next week and shared it with multiple people. It turns out the story was a teachable moment. … Continued
Derek Kernus explains how his company went through the Defense Department’s assessment process for complying with the standards at the heart of CMMC, the rule that will lay out how contractors protect information on their systems. The Cybersecurity Maturity Model Certification regulation may not be final for at least another year, but the Defense Department has … Continued
When the Department of Defense released a Proposed Rule for the Cybersecurity Maturity Model Certification (CMMC) program, it intended to shore up the Defense Industrial Base (DIB) by asking contractors to prove that their cybersecurity was up to standards. A much bigger impact, however, will be felt throughout American business. In essence, it’s a brand-new era … Continued
Cybersecurity expert Derek Kernus explains what was learned when a small-business client went through a voluntary DOD assessment of how it protects controlled, unclassified information, meeting many of the CMMC requirements. With CMMC requirements on the near horizon, those in defense contracting are asking important questions about the timing, process, and preparation for their assessments. … Continued
Just don’t check the boxes for your OASIS+ proposals because your approach to cybersecurity might be the key differentiator for winning task orders, especially for small businesses. After months of work, checking a few boxes on the OASIS+ Pre-Award Questionnaire was no big deal. But now that the dust has settled, you might wonder what … Continued
Microsoft recently had an opportunity to sit down with Derek Kernus, Director of Cybersecurity Operation at DTS, to discuss their experience with the Joint Surveillance Voluntary Assessment (JSVA). The Joint Surveillance Voluntary Assessment (JSVA) program is a transitional certification to CMMC, a new cybersecurity framework for Defense Industrial Base (DIB) contractors. The Joint Surveillance Voluntary Assessment … Continued
