Blogs

Last month, the National Institute of Standards and Technology (NIST) released Special Publication (SP) 800-172A, which details the assessment procedures for NIST 800-172, enhanced security requirements relating to controlled unclassified information (CUI). The publication is...

Last month, a memorandum was released for senior pentagon leadership, defense agencies and Department of Defense (DoD) field activity directors urging the use of continuous Authorization To Operate (cATO). In it, the Department of Defense (DoD) acknowledges that current Risk...

Spurred on by the recent rise in cyber attacks on critical national infrastructure, in 2021 President Biden first set the expectation for all federal agencies to implement zero trust architecture (ZTA) within their networks. In the months following the Cyber Executive Order,...

Update: This article was first published in December 2021 and was updated in January 2025 to reflect changes to NIST SP 800-171 and the CMMC framework Within a short period, NIST updated Special Publication 800-171, the Cybersecurity Maturity Model Certification (CMMC)...

The five-year implementation time allows defense contractors in the DoD supply chain who process sensitive government information to obtain CMMC certification, demonstrating the level of cybersecurity maturity required in their respective DoD contracts. However, in November...