The Department of Defense has made a significant push to improve the security of its cyberinfrastructure and supply chain (known as the Defense Industrial Base), and the result of this push is the Cybersecurity Maturity model Certification (CMMC) initiative. This framework uses existing security guidelines to provide an overview of necessary security requirements for federal contractors working with the DoD.

This framework isn’t just for large corporations. Many DoD agencies work with small and mid-sized businesses to leverage flexible cloud platforms, SaaS technology, or other IT services. That’s why it is just as important for SMBs to consider the impact of CMMC on their business now and over the next 5 years.

Awareness Frameworks

Core StateRAMP Reports for Provider Certification

Feb 19, 2021 Continuum GRC 0 Comment

StateRAMP, like any other compliance framework, includes several reports to document a provider’s progress through certification for the Program Management Office (PMO). As of February 2021, however, the PMO is still spinning up its resources and and StateRAMP reports templates. As such, many required report templates are slated for availability on the StateRAMP website but are as of yet not published.

Awareness Frameworks

Breaking Down the StateRAMP Requirements

Feb 3, 2021 Continuum GRC 0 Comment

Government agencies are expanding their civil services, and that includes a huge investment into modern technology like cloud platforms. Cloud platforms supporting government agencies will necessarily handle private data, which means that they need to maintain a high level of security. That’s where StateRAMP comes in.