Keep up-to-date on our latest thoughts about Information Security at Peak InfoSec
The Blogs & Vlogs on this page represent one of our core values: Pass on our knowledge to both businesses and the Information Security community. Our goal is to leave the up and coming generation of Information Security Professionals and their C-Suite executives better prepared for future Information Security risks.
Why? Because there is nothing really new under the sun and we have found the lessons of our past are just as applicable today. We have found lessons dating back to mainframes, bus-and-tag, and dial-up connections still apply today.
The Blogs, Vlogs, and other content on the site reflect that commitment.
Please provide us your comments, feedback, and add in your wisdom via our comments.
As the CMMC Churns | Tips about FIPS Part 1
Has 3.13.11, the use of FIPS validated encryption, sent your organization through the Seven Stages of CMMC Grief? Does the use of FIPS validated encryption have you befuddled? FIPS is confusion and complicated. In this episode of "As the CMMC Churns," we are going to dive into the requirements surrounding the usage of FIPS validated encryption. The goal [...]
DIBCAC Gaps
Did you know the Defense Industrial Based Cybersecurity Assessment Center (DIBCAC) posted slides about what NIST SP 800-171 requirements were "Other Than Satisfied"? In this episode of As the CMMC Churns we will take a look at the report they posted and then take a look into the 5 requirements we think have the biggest bang for the [...]
As the CMMC Churns | Apple MacOS and CMMC
Does your business use Apple MacOS devices? Do you also have to implement NIST SP 800-171 and be CMMC accredited? Good news!!! Apple MacOS devices can be setup to fulfill NIST SP 800-171 and pass a CMMC accreditation event. How do we know??? Well, Peak InfoSec is a 100% Mac Shop. This episode of "As the CMMC Churns" [...]
As the CMMC Churns | Documenting Your Scope
Are looking to understand how to document your SSP? How does the NIST SP 800-171 Scope of Applicability and CMMC Assessment Scope fit in the SSP? In this "At the CMMC Churns," we take the Scope of Applicability, turn it into a diagram, and incorporate it into your SSP. Yes, incredibly exciting!!! A very foundational to building a [...]
As the CMMC Churns | Security Tactics for NIST SP 800-171 & CMMC “Specialized Assets”
Does your business have CMMC-defined "Specialized Assets"? Are you struggling to determine how to apply NIST SP 800-171 requirements to them? In this "As the CMMC Churns," we take a look at "Specialized Assets," or when broken down, government property, Internet of Things (IoT) devices, Operational Technology (OT), Restricted Information Systems, and Test Equipment and how to apply [...]
As the CMMC Churns | Acquisition 101 and the CMMC Rule… [Update #1]
How will the changes to the CMMC Rule going final affect your business? This special edition of As the CMMC Churns will help to clarify. Matt Titcombe, the CEO of Peak InfoSec will put on his old Air Force Program Manager hat to explain. By setting the backdrop of the Defense Acquisition System and the Federal Government's Fiscal [...]
Social Contact