Riding the Department of Defense Compliance Roller Coaster There are many quotes about the importance of “staying the course.” As we look toward the latest CMMC 2.0 announcement from the Department of Defense (DoD), these words ring true. Since 2016,  Security Vitals has helped organizations address DoD compliance requirements, and it’s been an eventful journey....Read More

In early October, Deputy Attorney General Lisa O. Monaco announced a Civil Cyber-Fraud Initiative to combat cyber threats in the supply chain. Efforts will focus on identifying defense and other government contractors that are not adhering to required cybersecurity standards. Read more about the announcement here – Deputy Attorney General Lisa O. Monaco Announces New...Read More

Suppliers are Required to Submit Details on Progress The Department of Defense released new details on an interim requirement for vendors that requires a near term NIST 800-171 self-assessment. The process requires participants to score compliance with each of the 110 controls defined in NIST 800-171. Completed assessment scores must be uploaded to Supplier Performance...Read More

As COVID-19 impacted operations for many businesses across the world, a work from home environment has quickly become a new normal for many employees. In WFH scenarios, company and client data is exchanged between desktop devices and servers that reside in corporate facilities or the cloud. How that data is managed in transit and at...Read More

The Department of Defense (DoD) issued a Notice and Request for Comment on draft guidance that DoD proposes for assessing contractors’ System Security Plans (SSPs) and their implementation of the security controls in NIST Special Publication 800-171. DFARS 252.204-7012 requires defense contractors to provide security for networks where covered defense information is processed, stored, or...Read More