On September 29, 2020, the Department of Defense’s Defense Federal Acquisition Regulations Supplement (DFARS) agency issued an interim rule on Cybersecurity Maturity Model Certification (CMMC)implementation, per DFARS 252.204-7012, The rule is designed to clarify confusion about the integration of the CMMC framework, which has been a topic of concern to many people and businesses that […]

It is important that all directly or indirectly involved in Federal contracting or securing ITAR Technical Data keep informed of the DOD’s cybersecurity requirements for not just their own IT networks but all their vendors providing online storage and collaboration services. The Cloud Computing Security Requirements Guide (CC SRG) is included among many compliance standards […]

The Pentagon issued the final standards under the Cybersecurity Maturity Model Certification (CMMC) on Friday  Jan 31, 2020. Version 1.0 marks the first step towards implementing the new cybersecurity standards into all Department of Defense contracts.   The model, consisting of five levels of security standards, will be phased into requests for information starting this summer. The vast majority […]

The Cybersecurity Maturity Model Certification (CMMC) Draft Version 0.7 is live and available here. Version 0.7 includes Level 4-5 practices and modifies some maturity processes and Level 1-3 practices. This draft is another step closer to the final version — CMMC 1.0. The CMMC will be a new contractual requirement for all DoD contractors.  The […]

The Cybersecurity Maturity Model Certification (CMMC) Draft Version 0.6 is live and available here. Draft version 0.6 includes CMMC Levels 1 – 3. Of note, “CMMC Levels 4-5 are not included in this release because public comments are still being addressed.” The updates to CMMC Levels 4 – 5 are expected to be provided in […]

The Department of Defense will publish the second draft of its newly created Cybersecurity Maturity Model Certification early next month. Undersecretary for Acquisition and Sustainment Ellen Lord said in a press conference that version 0.6 of the CMMC will be released for comment the first week of November. “We are looking to roll CMMC out […]

One of the features that helps ensure ITAR compliance within the cloud is known as Information Rights Management (IRM). IRM is a tool by which Controlled Unclassified Information (CUI) and other confidential or sensitive information are protected in a variety of ways. You may be familiar with Digital Rights Management (DRM), which is integrated within […]

The Department of Defense has issued long-awaited cybersecurity standards in draft form for contractors who work with the Pentagon’s sensitive data. Version 0.4 of the Cybersecurity Maturity Model Certification (CMMC) is now live, giving contractors a glimpse into the sort of cybersecurity standards they will need to meet if they want to work on contracts that handle controlled […]

When it comes to industry regulations like ITAR and DFARS, the need for Secure Messaging is at the forefront of reaching and maintaining compliance. For the layman, Secure Messaging relies on a server-based approach that utilizes encryption standards. When a file or email is encrypted, it can only be read by someone who has the […]

Following rules of engagement is a common concept, but knowing the rules — and whether they really apply to one’s own business — is not always a common condition. The federal market can be especially confusing for smaller companies that may be delivering similar products or services to both civilian and military/defense/aerospace agencies. If you […]