NIST SP 800-171 & CMMC Infographics and Whitepapers

The following NIST SP 800-171 & CMMC Infographics and Whitepapers are provided for your organization’s benefit.

NIST SP 800-171 & CMMC Infographics

NIST SP 800-171 and CMMC Level 2 Assessment Scoping Process Diagram

Matthew Titcombe2024-05-12T13:34:25-04:00January 4th, 2023|

The process diagram is used to: Classify components per the NIST SP 800-171 Scope of Applicability Then categorize those components per the CMMC Level 2 Assessment Scoping Guide A separate diagram for classifying [...]

NIST SP 800-171 & CMMC Implementation in Three “Easy” Steps Infographic

Matthew Titcombe2024-05-10T20:30:09-04:00December 15th, 2022|

Yes, you too can implement NIST SP 800-171 in preparation for CMMC in just three "Easy" Steps. Yeah, there is a LOT of sarcasm in the "Easy." However, many people and organizations [...]

NIST SP 800-171 and CMMC Level 2 Assessment Scoping Infographic Whitepaper

Matthew Titcombe2024-05-12T13:35:17-04:00November 6th, 2022|

Commentary This document was created on 6 November 2022 and has not been revised, yet. This document and the infographic will be revised when the CMMC Interim Rule is published. Foundational Premises of the [...]

NIST SP 800-171 & CMMC Whitepapers

All of the Assessment Types

Matthew Titcombe2024-05-31T16:44:55-04:00May 31st, 2024|0 Comments

All of the Assessment Types A PDF version of this "Greenhorn's Guide to All of the Assessment Types" can be downloaded here: https://peakinfosec.com/wp-content/uploads/2024/05/All-of-the-Assessment-Types.pdf A Conformity Assessment??? What is an assessment? If [...]

Identifying Inactive Accounts via Sentinel

Matthew Titcombe2024-05-28T11:29:47-04:00May 28th, 2024|0 Comments

WARNING: The following whitepaper on Identifying Inactive Accounts via an Azure Sentinel analytic and watchlist is provided as-is with no guarantees of accuracy nor sufficiency & adequacy to fulfill the assessment objectives for 3.5.6, [...]

32 CFR Part 170 Word Document

Matthew Titcombe2024-05-11T19:58:04-04:00January 8th, 2024|0 Comments

Here is the MS Word version of the Draft 32 CFR Part 170, CMMC Program rule: PART_170—CYBERSECURITY_MATURITY MODEL_CERTIFICATION_PROGRAM

NIST SP 800-171 and CMMC Level 2 Assessment Scoping Infographic Whitepaper

Matthew Titcombe2024-05-12T13:35:17-04:00November 6th, 2022|0 Comments

White Paper | Debunking CMMC Assessment Scope Myths

Matthew Titcombe2024-05-12T13:35:36-04:00October 24th, 2022|0 Comments

The Problem The Cybersecurity Maturity Model Certification (CMMC) Assessment Scope – Level 2 Guide is misleading cybersecurity professionals into underapplying National Institute of Standards and Technology (NIST) Special Publication (SP) 800-171, “Protecting Controlled [...]

CMMC 2.0 — DoD’s Pincer Movement

Matthew Titcombe2024-05-12T13:36:55-04:00November 28th, 2021|0 Comments

By Matthew Titcombe, CISSP, CMMC Provisional Assessor Lvl 1-3, CISO, Gigit; CEO, Peak InfoSec Definition of pincer movement 1: a military attack by two coordinated forces that close in on an enemy position from [...]

CMMC, Split Tunneling, and COVID

Matthew Titcombe2024-05-10T19:46:43-04:00April 7th, 2021|0 Comments

By Matthew Titcombe, CISSP, CMMC Provisional Assessor Lvl 1-3, CISO, Gigit; CEO, Peak InfoSec Not quite the normal title…. Cybersecurity Maturity Model (CMMC), Split Tunneling, and COVID. During the pandemic, many Department of Defense [...]

Be as Smart as a Fox

We share our knowledge and experiences so everyone can benefit

NIST SP 800-171 & CMMC Infographics and Whitepapers