Keep up-to-date on our latest thoughts about Information Security at Peak InfoSec
The Blogs & Vlogs on this page represent one of our core values: Pass on our knowledge to both businesses and the Information Security community. Our goal is to leave the up and coming generation of Information Security Professionals and their C-Suite executives better prepared for future Information Security risks.
Why? Because there is nothing really new under the sun and we have found the lessons of our past are just as applicable today. We have found lessons dating back to mainframes, bus-and-tag, and dial-up connections still apply today.
The Blogs, Vlogs, and other content on the site reflect that commitment.
Please provide us your comments, feedback, and add in your wisdom via our comments.
As the CMMC Churns and the Quest for the Lost Families of NIST
Are you ready to go on a CMMC Quest? We will be looking for the lost Families of NIST. A whirlwind tour through NIST SP 800-171 Appendix E, Tailoring. While not as exciting as being thrown into a pit of snakes, it is definitely in play today as NIST SP 800-171 begins the Revision process. Likewise, for businesses [...]
As the CMMC Churns: Good, Fast, or Cheap. Pick one, Punk!
So many Defense Industry organizations are making critical and costly errors. Are you? They fail to recognize the fundamental acquisition relationship between Good, Fast, or Cheap when it comes to implementing NISR SP 800-171 requirements to satisfy CMMC. In this episode of As the CMMC Churns, we channel a bit of spaghetti westerns to explain the relation between [...]
As the CMMC Churns: Moving the Pentagon
Did you know you have enough leverage to move the Pentagon? Is your Program Office and Contracting Officer not providing your organization guidance on CUI? While you may not have enough leverage to move the whole Pentagon, you do for at least your Program Office and Contracting Officer. This episode of "As the CMMC Churns" briefly explores the [...]
As the CMMC Churns: Scope Confusion (Part 2)
Are you confused about the CMMC Assessment Scope and how to apply it to your business? Do you think you don’t have to apply NIST SP 800-171 requirements to Contractor Risk Managed or Specialized Assets? Well for only…FREE, yes FREE, you can get all your confusion lifted and myths dispelled by watching this video. What a bargain!!!! This [...]
As the CMMC Churns: Scope Confusion (Part 1)
Is your organization confused about where to apply NIST SP 800-171 requirements? How does the DoD's CMMC Assessment Guide in? This entry into As the CMMC Churns is the 1st part in a two-parter where we lay out the confusion between the NIST SP 800-171 "Scope of Applicability" that organizations are required to apply and the CMMC Assessment [...]
As the CMMC Churns: 800-171A Sentences
Is your organization struggling with applying NIST SP 800-171A Assessment Objectives? This vlog builds on our previous one on Assessment Objective verbs (highly recommend watching that one first). In this we look at the actual Assessment Objectives of a practice and twist the sentence structure around to be more beneficial for three different use cases: your policies, your [...]
Social Contact