As the CMMC Churns: Procedure Myths Busted & Quarter Pounders???

October 4th, 2022|Categories: As the CMMC Churns, CMMC, Compliance, DFARS & NIST SP 800-171, Information Security, VLOG|Tags: , , , , , , , , |

Is your business struggling to implement procedures for Cybersecurity Maturity Model Certification (CMMC)? Is your business chasing procedures for everything because of perceived compliance requirements coming from CMMC, NIST SP 800-171, and NIST SP 800-171A? Well, this [...]

As the CMMC Churns: The Little CMMC Engine that Could

September 14th, 2022|Categories: As the CMMC Churns, CMMC, Compliance, DFARS & NIST SP 800-171, Information Security, VLOG|Tags: , , , , , , , , |

Are you struggling to get through Remediation Pass and over Conformity Hill? Well, today's story from As the CMMC Churns is all about "the Little CMMC Engine that Could." It is a classic story of the little [...]

As the CMMC Churns: Finger Pointing and the Customer Responsibility Matrix (CRM)

August 24th, 2022|Categories: As the CMMC Churns, CMMC, Compliance, DFARS & NIST SP 800-171, Information Security, VLOG|Tags: , , , , , , , , |

Did you know your need a CRM for your CMMC Conformity Assessment? No, not a Customer Responsibility Management application--you need a Customer Responsibility Matrix (CRM). If you don't know: What a CRM is? Why it is needed? [...]

As the CMMC Churns and the Quest for the Lost Families of NIST

August 17th, 2022|Categories: As the CMMC Churns, CMMC, Compliance, DFARS & NIST SP 800-171, Information Security, VLOG|Tags: , , , , , , , , |

Are you ready to go on a CMMC Quest? We will be looking for the lost Families of NIST. A whirlwind tour through NIST SP 800-171 Appendix E, Tailoring. While not as exciting as being thrown into [...]

As the CMMC Churns: Good, Fast, or Cheap. Pick one, Punk!

August 3rd, 2022|Categories: As the CMMC Churns, CMMC, Compliance, DFARS & NIST SP 800-171, Information Security, VLOG|Tags: , , , , , , , , |

So many Defense Industry organizations are making critical and costly errors. Are you? They fail to recognize the fundamental acquisition relationship between Good, Fast, or Cheap when it comes to implementing NISR SP 800-171 requirements to satisfy [...]

As the CMMC Churns: Moving the Pentagon

July 26th, 2022|Categories: As the CMMC Churns, CMMC, Compliance, DFARS & NIST SP 800-171, Information Security, VLOG|Tags: , , , , , , , , |

Did you know you have enough leverage to move the Pentagon? Is your Program Office and Contracting Officer not providing your organization guidance on CUI? While you may not have enough leverage to move the whole Pentagon, [...]

As the CMMC Churns: Scope Confusion (Part 2)

July 20th, 2022|Categories: As the CMMC Churns, CMMC, Compliance, DFARS & NIST SP 800-171, Information Security, VLOG|Tags: , , , , , , , , |

Are you confused about the CMMC Assessment Scope and how to apply it to your business? Do you think you don’t have to apply NIST SP 800-171 requirements to Contractor Risk Managed or Specialized Assets? Well for [...]

As the CMMC Churns: Scope Confusion (Part 1)

July 11th, 2022|Categories: As the CMMC Churns, CMMC, Compliance, DFARS & NIST SP 800-171, Information Security, VLOG|Tags: , , , , , , , , |

Is your organization confused about where to apply NIST SP 800-171 requirements? How does the DoD's CMMC Assessment Guide in? This entry into As the CMMC Churns is the 1st part in a two-parter where we lay [...]

As the CMMC Churns: 800-171A Sentences

July 5th, 2022|Categories: As the CMMC Churns, CMMC, Compliance, DFARS & NIST SP 800-171, Information Security, VLOG|Tags: , , , , , , , , |

Is your organization struggling with applying NIST SP 800-171A Assessment Objectives? This vlog builds on our previous one on Assessment Objective verbs (highly recommend watching that one first).  In this we look at the actual Assessment Objectives [...]

As the CMMC Churns: Verbs

June 27th, 2022|Categories: As the CMMC Churns, CMMC, Compliance, DFARS & NIST SP 800-171, Information Security, VLOG|Tags: , , , , , , , , |

Verbs???? Verbs are incredibly important to successfully pass a CMMC certification event. In this video, we break down verbs that affect how you shape your organization against those that you need to implement. Sadly, many organizations fail [...]

As the CMMC Churns: Understanding the CMMC Compliance Trap

June 21st, 2022|Categories: As the CMMC Churns, CMMC, Compliance, DFARS & NIST SP 800-171, Information Security, VLOG|Tags: , , , , , , , , |

Did you know when you submitted your SPRS score you may have tripped the CMMC compliance trap? The moment you signed up for a contract with the DFARS -7012 clause, you stepped into the trap. In this [...]

As the CMMC Churns: NIST SP 800-171 does NOT equal NIST SP 800-171A

June 13th, 2022|Categories: As the CMMC Churns, CMMC, Compliance, DFARS & NIST SP 800-171, Information Security, VLOG|Tags: , , , , , , , , |

In this episode of As the CMMC Churns, we take a look into how "any entity" is supposed to evaluate the implementation of NIST SP 800-171 using NIST SP 800-171A. This has big impacts as the evaluation [...]

As the CMMC Churns: Acquisition 101 and the CMMC Rule

June 6th, 2022|Categories: As the CMMC Churns, CMMC, Compliance, DFARS & NIST SP 800-171, Information Security, VLOG|Tags: , , , , , , , , |

Welcome to the inaugural entry of "As the CMMC Churns." In this episode, we will lay out when to expect CMMC Interim Rule requirements to show up in contracts...and it won't be in 2023. This video very [...]

1 June 2022 || Peak InfoSec is now an Authorized C3PAO Press Release

June 1st, 2022|Categories: CMMC, Compliance, DFARS & NIST SP 800-171, Information Security, News|Tags: , , , , , , , , , |

[PRESS RELEASE, 1 June 2022] Peak InfoSec is pleased to announce we are now an authorized Cybersecurity Maturity Model Certification (CMMC) Third-Party Assessor Organization (C3PAO). Overseen by the Department of Defense (DoD) and the CMMC Accreditation Body (CMMC-AB), [...]

25 May 2022 || Peak InfoSec is now an Authorized C3PAO

May 25th, 2022|Categories: CMMC, Compliance, DFARS & NIST SP 800-171, Information Security, News|Tags: , , , , , , , , , |

Matthew Travis, the CEO of the CMMC Accreditation Body formally authorized Peak InfoSec as an Authorized Cybersecurity Maturity Model Certification (CMMC) 3rd Party Assessor Organization.  

CMMC 2.0 — DoD’s Pincer Movement

November 28th, 2021|Categories: CMMC, Compliance, DFARS & NIST SP 800-171, Fundamentals, Information Security|Tags: , , , , , , , , |

By Matthew Titcombe, CISSP, CMMC Provisional Assessor Lvl 1-3, CISO, Gigit; CEO, Peak InfoSec Definition of pincer movement 1: a military attack by two coordinated forces that close in on an enemy position from different directions 2: a [...]

8-10 June 2021 || RMISC 2021: CMMC is coming…It’s not stopping with the DoD… Are you Ready?

April 25th, 2021|Categories: CMMC, Compliance, DFARS & NIST SP 800-171, Events, Information Security|Tags: , , , , , , , , , |

Join our CEO as he presents for a 3rd time at the Rocky Mountain Information Security Conference (RMISC) on "CMMC is coming…It’s not stopping with the DoD… Are you Ready?" Register at https://www.rmisc.org/

Information Security Turnaround Specialists