Keep up-to-date on our latest thoughts about Information Security at Peak InfoSec

The Blogs & Vlogs on this page represent one of our core values: pass on our knowledge to both businesses and the Information Security community. Our goal is to leave the up-and-coming generation of Information Security professionals and their C-Suite executives better prepared for future Information Security risks.

Why?  Because there is nothing really new under the sun and we have found the lessons of our past are just as applicable today.  We have found lessons dating back to mainframes, bus-and-tag, and dial-up connections still apply today.

The Blogs, Vlogs, and other content on the site reflect that commitment.

Please give us your feedback and add your wisdom via our comments.

As the CMMC Churns | CMMC Training on the Cheap for SMBs

As the CMMC Churns goes live!! This episode is "SMB Ways to meet CMMC Training Requirements." Are you a small business leader who needs to meet CMMC training requirements on a limited budget? Perfect! In this Churns session, we will cover how Peak InfoSec completed its CMMC certification event and spent no money on training. Yep, zero [...]

NIST SP 800-171 and CMMC Level 2 Assessment Scoping Infographic Whitepaper

Commentary: This document was created on 6 November 2022 and has not yet been revised. This document and the infographic will be revised when the CMMC Interim Rule is published. Foundational Premises of the Infographic: The foundational premises of this infographic are: Department of Defense (DoD) contractors in the Defense Industrial Base (DIB) are legally and contractually obligated to [...]

As the CMMC Churns – The CMMC Seven Stages of Grief

Is your organization stuck in the CMMC Seven Stages of Grief? Sadly, the malady is not sarcasm to get you to watch this video. Just as individuals grieve during a personal loss, organizations and their staff also grieve during culture changes. CMMC is an incredible and frightening culture changer for many organizations. Because we specialize in Information [...]

As the CMMC Churns | Managed Service Provider Ghost Stories

Welcome to the Halloween edition of As the CMMC Churns. In this edition we will regale the watchers with real-world ghost stories that drove their client, an Organization Seeking Certification, into non-compliance and scared their compliance person to deaaaathhh!!! Not really, but they sure were anxious for a while.

White Paper | Debunking CMMC Assessment Scope Myths

The Problem: The Cybersecurity Maturity Model Certification (CMMC) Assessment Scope – Level 2 Guide is misleading cybersecurity professionals into underapplying National Institute of Standards and Technology (NIST) Special Publication (SP) 800-171, “Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations,” information security requirements (a.k.a., CMMC Practices). This is putting Organizations Seeking Compliance (OSC) at risk of failing their [...]

How much is a CMMC Conformity Assessment going to cost???

"How much is a CMMC Conformity Assessment going to cost???" The foremost favorite question every Organization Seeking Compliance (OSC) is asking CMMC 3rd Party Assessor Organizations (C3PAO) right now. While this episode won't answer that question for you, it will let you know factors we have to take into account when figuring out your Conformity Assessment estimated costs. [...]

Information Security Turnaround Specialists