You've written your Security Plan. Now what?

Jeff Stutzman

December 1, 2019

CMMC

You've written your Security Plan. Now what?

Companies who try to protect everything protect nothing.

I'm a meat and potatoes kinda guy. What's that mean? Stick with the basics and do them well. They've never done me wrong. There are reliable technologies and processes that I recommend for every company --build a strong foundation. Once done, identify holes that need fixing (based on risk) and fix them.

What are you afraid of most? Ransomware? Remote Access Trojans? What's most likely to attack you successfully --and hurt you the most? Ransomware can become an extinction event. So can not complying with the new government regulations.

Here's what I suggest…

Jeff Stutzman

December 1, 2019

CMMC

What is Controlled Unclassified Information (CUI)?

Jeff Stutzman

December 1, 2019

CMMC

What is Controlled Unclassified Information (CUI)?

What is CUI? There are 24 categories and 83 subcategories that define CUI data. If you do work for the government, this is important stuff.

Jeff Stutzman

December 1, 2019

CMMC

What Every Government Contractor Needs to Know Now

Jeff Stutzman

December 1, 2019

CMMC

What Every Government Contractor Needs to Know Now

Government contractors who don't have cybersecurity, beginning in the fall of 2020, may not be able to bid on new government contracts.

Yesterday afternoon I sat through a webinar with Katie Arrington, the head of the government's efforts to solidify cybersecurity in the DoD Supply Chain. Here's what I found out.

It started here; President Trump, May 2017, released Executive Order 13800 on "Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure." Since that time, there has been a dizzying array of orders, laws, recommendations, planning, and putting into action.