- December 3, 2024 (Preparing Assessment Evidence: Adequacy & Sufficiency)
- November 19, 2024 (Cloud services your CMMC scope)
- November 12, 2024 (How does your MSP/MSSP fit into your CMMC scope?)
- November 5, 2024 (Let's Talk About POA&Ms)
- October 15, 2024 (CMMC Program Final Rule (32 CFR 170) Published)
- August 27, 2024 (Attrition, Opportunities, & Unintended Consequences)
- August 20, 2024 (Breaking News: 48 CFR CMMC Rule Published in Federal Register)
- July 16, 2024 (The first step is the hardest)
- June 28, 2024 (Breaking News: CMMC Program 32 CFR final rule sent to OMB)
- June 10, 2024 (CMCC 2.0 coming Q1-2025)
- June 3, 2024 (Does your NIST SP 800-171/CMMC assessment tool give you points for POAMs?)
- May 20, 2024 (171/A R3 final released, CMMC 48 CFR rule sent to OMB)
- May 7, 2024 (DoD issues Class Deviation for NIST SP 800-171r2)
- April 8, 2024 (Everbody has to do L1 -- and it's harder than you think!)
- March 27, 2024 (Understanding the CMMC Assessment Guides)
- March 13, 2024 (When you're lost, dive into the AOs)
- March 6, 2024 (The second most important control)
- February 27, 2024 (DOD releases CMMC video)
- February 21, 2024 (You can't solve a process problem with technology)
- January 31, 2024 (CMMC Levels -- What is required?)
- January 24, 2024 (CMMC Levels -- Where are you?)
- January 17, 2024 (Comments on the proposed new CMMC rule)
- January 10, 2024 (FedRAMP Moderate Equivalency Defined, and why you care)
- January 3, 2024 (It's here! The proposed CMMC rule was published on Dec 26)
- November 13, 2023 (The latest on NIST SP 800-171r3)
- October 2, 2023 (National Cybersecurity Awareness Month)
- September 20, 2023 (800-171r3, DFARS 7012 and CMMC 2.1 – Where are we now?)
- August 23, 2023 (A look inside the leaked documents of CMMC v2.1)
- July 26, 2023 (Breaking News: the CMMC rule is coming)
- June 28, 2023 (What's new in NIST 800-171r3?)
- June 7, 2023 (NIST 800-171r3 -- Coming soon! (sooner than expected))
- May 15, 2023 (Breaking News: NIST 800-171r3 released)
- May 4, 2023 (New resources for defense contractors)
- April 19, 2023 (Commonly misunderstood practices in CMMC)
- March 22, 2023 (Free resources to help meet Awareness & Training requirements in CMMC L2)
- December 7 2022 (Having N/A in your SSP, isolated systems)
- November 21 2022 (October 1, 2025 is the date, Cost & Timeline)
- November 7, 2022 (Lessons Learned from first CMMC Voluntary Assessments)
- October 5, 2022 (CMMC breaking out, cost & timeline, VDI, most common failures)
- September 29, 2022 (Basic and Medium Assessments, What does your SSP look like?)
- August 24, 2022 (What can/should you be doing now?)
- August 10, 2022 (What does the CAP mean for your organization?)
- July 27, 2022 (The June Memo and the FAC)
- July 13, 2022 (Hot news from recent conferences and webinars)
- April 20, 2022 (Medium Assessments. Asset Categories & July 2023)
- March 16, 2022 (The CMMC 2.0 Rumor Mill)
- February 9, 2022 (CMMC 2.0 Scoping Guide: Contractor Risk Managed Assets)
- December 7, 2021 (CMMC 2.0 Scoping guides are here!)
- November 17, 2021 (More information on CMMC 2.0)
- November 4, 2021 (Announcing CMMC 2.0 and The Way Forward)
- October 13, 2021 (Cyber incident reporting and the importance of candor)
- September 8, 2021 (Increased pressure and rampant confusion: NIST 800-171 Self Assessment & SPRS)
- August 18, 2021 (AC.1.001: ”Authorized” users vs. “Authenticated”)
- August 11, 2021 (Understanding the CMMC assessment guides)
- July 26, 2021 (Should we be swimming or treading water?)
- June 14, 2021 (First authorized C3PAO encourages scope reduction)
- June 2, 2021 (Biden’s EO, Salazar’s testimony and the future of the CMMC)
- April 28, 2021 (It's Not Something You buy)
- April 14, 2021 (It's a Marathon, Not a Sprint) -- technical debt
- March 22, 2021 (Understanding Multi-Factor Authentication)
- March 1, 2021 (If it isn't written down, it doesn't exist)
- February 25, 2021 (The assessment process: evidence, the assessment plan, physical assessment, readiness review)
- February 22, 2021 (The assessment process: templates, context & intent)
- February 17, 2021 (Hot Topics: cloud security, scoping)
- February 11, 2021 (Hot Topics: self-assessment, pilot contracts & flowdown )
- February 2, 2021 (Choosing the best people/orgs to help you)
- January 25, 2021 (The CMMC Process, Path to Compliance)
- January 21, 2021 (Follow the data, Assessment or Audit?)
- January 18, 2021 (What is process maturity? Documentation requirements)
- December 7, 2020 (CMMC Assessment Guides, RP/RPO, intro workshop Dec 15)
- November 18, 2020 (SPRS assessment score required for ALL, common issues in DIBCAC assessments and the first 15 contracts coming out soon)
- November 5, 2020 (Lessons from a Provisional Assessor, more on the SPRS assessment score requirement)
- October 26, 2020 (The interim rule is out, and it has a few surprises!)
- October 13, 2020 (The time to prepare is now, Start with a gap analysis and Primes, start talking to your subs)
- Introduction