Breaking it Down: Why CRMAs Must Implement NIST SP 800-171 Requirements

Clarifying CRMA Obligations and Assessment Expectations This position article addresses common misunderstandings surrounding Contractor Risk Managed Assets (CRMAs). Effectively managing CRMAs is crucial for organizations striving to comply with NIST SP 800-171 Level 2 requirements under the Cybersecurity Maturity Model Certification (CMMC). While CRMAs are not intended to process, store, or transmit Controlled Unclassified Information…

Our Biggest Release of 2024 – FutureFeed 6.0

Our Biggest Release of 2024 – FutureFeed 6.0

FutureFeed is thrilled to announce the release of FutureFeed 6.0! After 18 months of development, this major upgrade brings powerful new features and expanded framework support to streamline your compliance processes and enhance user experience. New Framework Support FutureFeed 6.0 now supports an expanded range of compliance frameworks, including: With more frameworks in development, FutureFeed…

The Final CMMC Rule Explained: Key Takeaways

The Final CMMC Rule Explained: Key Takeaways

The eagerly awaited CMMC (Cybersecurity Maturity Model Certification) final rule has now been published in the Federal Register, and while it may not be an easy read, its importance cannot be overstated. This article, based on a recent joint webinar presented by FutureFeed, NeoSystems, and Holland & Knight, will distill the essentials of the final…

GRC Tools: What to Look For

GRC Tools: What to Look For

Governance, Risk, and Compliance (GRC) frameworks are essential for organizations navigating the complex regulatory landscape. Whether you’re working toward immediate certification, like the Cybersecurity Maturity Model Certification (CMMC), or looking to improve long-term strategic decision-making, the right GRC tools can be a game changer. Here’s how a well-chosen GRC system can address both your short-term…

DoD Takes Next Step Toward CMMC

DoD Takes Next Step Toward CMMC

When it introduced CMMC 2.0 in 2021, the United States Department of Defense signaled that it was simultaneously both softening some of the requirements that were in early versions of its Cybersecurity Maturity Model Certification (“CMMC”) program and taking a more structured approach to implementing CMMC. As part of that structured implementation, DoD formalized CMMC by crafting an…

Disseminating CUI to Others

Disseminating CUI to Others

Controlled Unclassified Information (“CUI”) is sensitive, unclassified information. This means that not only must CUI not be available to the general public, but also that access to the information must not be granted to anyone unless they have a “lawful government purpose” to handle that information. Things get even a little more confusing when CUI is subject to export controls,…

End of content

End of content