CMMC Compliance Tools: A Checklist for Endpoint Device Protection
While PreVeil’s platform protects CUI in Email and Files, CUI inevitably also comes in touch with your workplace’s endpoints.. Indeed, CUI is frequently processed, stored and/or transmitted via these types of endpoint devices. Thus many NIST SP 800-171 security controls focus on endpoint protection. Endpoints are physical devices—such as ... Read More
Canadian Cybersecurity Program to Align with CMMC Framework
The Government of Canada recently announced a certification program for its defense contractors that will align with the US Department of Defense (DoD) Cybersecurity Maturity Model Certification (CMMC) program. Similar to the CMMC program, the primary objective of the Canadian Program for Cyber Security Certification (CPSCS) is to safeguard ... Read More
A Guide to Understanding the Three CMMC Levels
The Department of Defense created the Cybersecurity Maturity Model Certification (CMMC) framework to standardize cybersecurity practices throughout the Defense Industrial Base (DIB). CMMC is designed to increase defense contractors’ accountability and compliance with existing DoD regulations. CMMC has three levels. Once CMMC becomes law, all defense contractors—primes and subs—will ... Read More
Who is responsible for protecting CUI?
If you’re a defense contractor handling Controlled Unclassified Information (CUI), then your contract will have a DFARS 252.204-7012 clause in it that requires you to protect that sensitive information. While that may seem clear enough, in practice it’s common for defense contractors to work with other contractors in their supply ... Read More
Why Defense Contractors Should Start on CMMC Compliance Now
In July 2023 the DoD hit a milestone with submission of a CMMC rulemaking package to the Office of Management and Budget for review. This move signals DoD’s continued commitment to improving the cybersecurity of the Defense Industrial Base (DIB) and its desire to make CMMC the law of the ... Read More
CMMC Assessment Guide
If you contract for the Department of Defense (DoD) you will soon need to achieve compliance with the Cybersecurity Maturity Model Certification (CMMC – the DoD’s initiative to improve cybersecurity across the DIB. Historically, defense contractors handling Federal Contract Information (FCI) or Controlled Unclassified Information (CUI) have been allowed to ... Read More
CMMC Compliance Checklist
12 Steps to Help You Get Ready for CMMC If you are a defense contractor handling Controlled Unclassified Information (CUI) or Federal Contract Information (FCI), you will soon be required to achieve Cybersecurity Maturity Model Certification (CMMC). CMMC is the Department of Defense’s (DoD) upcoming assessment standard, designed to ensure ... Read More
NIST SP 800-171 SPRS score vs. SPRS risk assessment scores: What’s the difference?
The Department of Defense’s (DoD’s) recently released DFARS 252.204-7024 has created some confusion about SPRS scores, while at the same time shedding light on how the DoD uses its SPRS system. DFARS 7024 requires DoD contracting officers to consider SPRS (Supplier Performance Risk System) risk assessments to help determine if ... Read More
