NIST SP 800-171 & CMMC Infographics and Whitepapers
The following NIST SP 800-171 & CMMC Infographics and Whitepapers are provided for your organization’s benefit.
NIST SP 800-171 & CMMC Infographics
NIST SP 800-171 and CMMC Level 2 Assessment Scoping Process Diagram
The process diagram is used to: classify components per the NIST SP 800-171 Scope of Applicability, then categorize those components per the CMMC Level 2 Assessment Scoping Guide. A separate diagram for classifying [...]
NIST SP 800-171 & CMMC Implementation in Three “Easy” Steps Infographic
Yes, you too can implement NIST SP 800-171 in preparation for CMMC in just three "Easy" Steps. Yeah, there is a LOT of sarcasm in the "Easy." However, many people and organizations [...]
NIST SP 800-171 and CMMC Level 2 Assessment Scoping Infographic Whitepaper
Commentary: This document was created on 6 November 2022 and has not been revised, yet. This document and the infographic will be revised when the CMMC Interim Rule is published. Foundational Premises of the [...]
NIST SP 800-171 & CMMC Whitepapers
All of the Assessment Types
A PDF version of this "Greenhorn's Guide to All of the Assessment Types" can be downloaded here: https://peakinfosec.com/wp-content/uploads/2024/05/All-of-the-Assessment-Types.pdf. A Conformity Assessment??? What is an assessment? If [...]
Identifying Inactive Accounts via Sentinel
WARNING: The following whitepaper on Identifying Inactive Accounts via an Azure Sentinel analytic and watchlist is provided as-is with no guarantees of accuracy nor sufficiency & adequacy to fulfill the assessment objectives for 3.5.6, [...]
32 CFR Part 170 Word Document
Here is the MS Word version of the Draft 32 CFR Part 170, CMMC Program rule: PART_170—CYBERSECURITY_MATURITY MODEL_CERTIFICATION_PROGRAM
NIST SP 800-171 and CMMC Level 2 Assessment Scoping Infographic Whitepaper
Commentary: This document was created on 6 November 2022 and has not been revised, yet. This document and the infographic will be revised when the CMMC Interim Rule is published. Foundational Premises of the [...]
White Paper | Debunking CMMC Assessment Scope Myths
The Problem: The Cybersecurity Maturity Model Certification (CMMC) Assessment Scope – Level 2 Guide is misleading cybersecurity professionals into underapplying National Institute of Standards and Technology (NIST) Special Publication (SP) 800-171, “Protecting Controlled [...]
CMMC 2.0 — DoD’s Pincer Movement
By Matthew Titcombe, CISSP, CMMC Provisional Assessor Lvl 1-3, CISO, Gigit; CEO, Peak InfoSec Definition of pincer movement 1: a military attack by two coordinated forces that close in on an enemy position from [...]
CMMC, Split Tunneling, and COVID
By Matthew Titcombe, CISSP, CMMC Provisional Assessor Lvl 1-3, CISO, Gigit; CEO, Peak InfoSec Not quite the normal title…. Cybersecurity Maturity Model (CMMC), Split Tunneling, and COVID. During the pandemic, many Department of Defense [...]