Top CMMC Questions from 2,500 DIB Companies- Answered
When 2,500 defense contractors gathered at our recent CMMC Summit, they asked hundreds of questions about identifying CUI, scoping CMMC, documentation, their Primes, and assessments. Here are their 15 most common questions, answered by our compliance experts: Questions on Scoping & Boundaries Q: “For organizations with multiple locations, how should ... Read More
The CMMC Final Rule is Published: What Contractors Need to Know
The Department of Defense (DoD) published the Cybersecurity Maturity Model Certification (CMMC) Final Rule on October 15, 2024. This newly issued regulation (CFR 32) can be viewed in the Federal Register and will go into effect on December 16, 2024. It introduces key changes for organizations handling Controlled Unclassified Information (CUI). This blog is intended for organizations ... Read More
Facts and Stats about Cybersecurity and Compliance
Cybercrime remains one of the primary risks facing companies across the United States. The following statistics highlight the most pressing cybersecurity risks organizations face today and underscore the importance of proactive security measures. Top Cybersecurity statistics Cyber attack stats for Small-to-Medium Enterprises Cybersecurity is a growing concern for small businesses, ... Read More
The CMMC Rule is Final!
Last week, the CMMC Final Rule (known as CFR 32) was released from OIRA, meaning no more changes can be made. Since CFR 32 is considered a Major Rule, it will next undergo a Congressional review of up to 60 days, after which it becomes law. Any inaction by Congress ... Read More
Joint Certification Program (DD 2345)
The post Joint Certification Program (DD 2345) appeared first on PreVeil ... Read More
Understanding CMMC Level 2 (Advanced)
The Cybersecurity Maturity Model Certification (CMMC) is a crucial program for defense contractors. CMMC Level 2, referred to as Advanced, applies to the 80,000 organizations that handle Controlled Unclassified Information (CUI). It aligns with the existing Defense Federal Acquisition Regulation Supplement (DFARS) 7012 requirement by mandating that CUI be protected ... Read More
CMMC Tools for Compliance + Assessment
Achieving CMMC compliance can feel like a daunting task, but there are tools available to help expedite the process, saving time and money. The tools explored here help address the 110 security controls outlined in NIST SP 800-171, which is the basis for CMMC Level 2. Below are 5 categories ... Read More
What is a POAM
Defense contractors seeking compliance with CMMC/ NIST 800-171 must have a System Security Plan (SSP) to spell out the technologies, policies and procedures they are implementing to meet the NIST standard. At the same time, they must create Plans of Actions & Milestones (POAMs) to identify and track remediation for ... Read More
HIPAA & FERPA Compliant Encrypted Email and File Sharing for Therapists
Therapists face the critical task of managing sensitive information with the utmost care, especially when this information is subject to stringent privacy regulations like FERPA (Family Educational Rights and Privacy Act) and HIPAA (Health Insurance Portability and Accountability Act). The challenge intensifies with the necessity to communicate this information securely ... Read More
Who is responsible for protecting CUI?
If you’re a defense contractor handling Controlled Unclassified Information (CUI), then your contract will have a DFARS 252.204-7012 clause in it that requires you to protect that sensitive information. While that may seem clear enough, in practice it’s common for defense contractors to work with other contractors in their supply ... Read More
