Blog

CyberChat #12 included information about the practices in the System & Information Integrity CMMC domain. We also discussed how to prepare for a CMMC assessment. Links to recording and presentation below.   CyberChat #12 Presentation   CyberChat #12 Recording

READ MORE »

In today’s CyberChat we discussed the following CMMC Domains: Risk Management, Security Assessment, Situational Awareness, System & Communications Protection. We also talked about how to vet cloud service providers, how to handle tele-working securely and how to secure mobile devices like smart phones. Presentation and recording below. Next week we will discuss the final CMMC […]

READ MORE »

Happy St. Patrick’s Day! CyberChat #10 focused on the following CMMC domains:  Media Protection, Personnel Security, Physical Security and Recovery. We had a great discussion about how the technical jargon in CMMC makes it difficult for the lay person to understand, and therefore become compliant. We also discussed the responsibility of software/tool providers to use […]

READ MORE »

In today’s CyberChat we worked on practices in the following CMMC Domains:  Configuration Management, Identification & Authentication, Incident Response and Maintenance. I encourage everyone to thoroughly review the information on the Incident Response Template link – Amira Armond provides a thorough explanation of how to plan and train for potential cybersecurity incidents, as well as […]

READ MORE »

We had lots of discussion in today’s CyberChat! DARPA just issued a CUI Guide for one of their programs. Includes lots of great information. We hope the rest of the DoD uses the guide as a model.  DARPA CUI Guide If you need guidance on developing your System Security Plan, take a look at this […]

READ MORE »

We have completed all the compliance prep work and are now diving into the CMMC Level 1 practices. Today we talked about how to use the CMMC Level 1 in a Box tool and discussed the practices in the Access Control Domain. CyberChat #7 Recording CyberChat #7 Presentation  

READ MORE »

Today we discussed how to perform a gap assessment to the 110 controls in NIST SP 800-171 using the DoD Assessment Methodology. Recording and slides below. CyberChat #6 Workshop Recording CyberChat #6- presentation- 2.17.21   See you all next Wednesday at 11:00!   Laura

READ MORE »

This week we discussed how to narrow audit scope to minimize costs and reduce risk. Links below to the recording, slides and Compliance Forge Scoping Guide.   CyberChat #5- presentation- 2.10.21 Compliance Scoping Guide CyberChat #5 Workshop Recording See you all next week!

READ MORE »

Today we discussed cybersecurity risks and how to develop a risk analysis. Performing a risk analysis is a critical step in determining the cybersecurity controls on which to focus. Many factors influence an organization’s risk profile, so there is no one-size-fits-all risk mitigation program. Good luck with your risk analysis, and don’t hesitate to contact […]

READ MORE »

I am really enjoying our weekly CyberChats! I hope the workshops are helping companies develop a cybersecurity quality management program. CyberChat #3 Recording CyberChat #3- presentation- 1.27.20   Hope to see everyone next week! Wednesday, February 3rd at 11:00 am.

READ MORE »