Latest Perspectives
-
DoW Publishes Final CMMC Rule: A New Era of Cybersecurity Accountability in the Defense Supply Chain
On Wednesday, September 10, 2025, the Department of War (DoW) will publish the Final Rule integrating the Cybersecurity Maturity Model Certification (CMMC) into Title 48 of the Code of Federal Regulations. The rule becomes effective November 10, 2025, and begins…
-
Scoping: The First Step on Your CMMC Journey
Getting off on the right foot is essential Embarking on the path to Cybersecurity Maturity Model Certification (CMMC) is a pivotal moment for any organization in the defense industrial base. Just like planning a cross–country road trip, your success depends…
-
Mastering Responsibility Matrices
CRMs and SRMs Harmonizing Responsibility in Cybersecurity Compliance In cybersecurity compliance—especially when preparing for a CMMC assessment—unclear delineation of responsibility can lead to missed requirements, failed assessments, and security breakdowns. Enter the Customer Responsibility Matrix (CRM) and Shared Responsibility Matrix…
-
CMMC | Cybersecurity | Webinar
FutureFeed Explorers Webinar Series: Mastering Configuration Items (CIs)Â
Maintaining baseline configurations for IT products isn’t just a best practice—it’s a necessity for security and compliance. In the ever-evolving landscape of cybersecurity, organizations must demonstrate not only that they have policies in place but that they enforce them effectively. …
-
Breaking it Down: Why CRMAs Must Implement NIST SP 800-171 Requirements
Clarifying CRMA Obligations and Assessment Expectations This position article addresses common misunderstandings surrounding Contractor Risk Managed Assets (CRMAs). Effectively managing CRMAs is crucial for organizations striving to comply with NIST SP 800-171 Level 2 requirements under the Cybersecurity Maturity Model…
-
Advancing Compliance Education at FutureFeed
As the new Director of Compliance Education at FutureFeed, I’m thrilled to join a team that has already established itself as a leader in helping organizations navigate complex compliance frameworks like NIST SP 800-171. FutureFeed provides a solid foundation of…
-
FutureFeed at CEIC East 2024: Insights, Innovation, and Looking AheadÂ
Hello, friends! When I walked into the dazzling Gaylord National Resort & Convention Center in Maryland for CEIC East 2024, I felt an electric charge in the air. This wasn’t just another cybersecurity conference; it was a gathering of trailblazers,…
-
CMMC | Cybersecurity | NIST 800-171 | Webinar
Our Biggest Release of 2024 – FutureFeed 6.0
FutureFeed is thrilled to announce the release of FutureFeed 6.0! After 18 months of development, this major upgrade brings powerful new features and expanded framework support to streamline your compliance processes and enhance user experience. New Framework Support FutureFeed 6.0…
-
CMMC | Conference | Cybersecurity | NIST 800-171 | Webinar
The Final CMMC Rule Explained: Key Takeaways
The eagerly awaited CMMC (Cybersecurity Maturity Model Certification) final rule has now been published in the Federal Register, and while it may not be an easy read, its importance cannot be overstated. This article, based on a recent joint webinar…
-
CMMC | Cybersecurity | NIST 800-171 | Webinar
GRC Tools: What to Look For
Governance, Risk, and Compliance (GRC) frameworks are essential for organizations navigating the complex regulatory landscape. Whether you’re working toward immediate certification, like the Cybersecurity Maturity Model Certification (CMMC), or looking to improve long-term strategic decision-making, the right GRC tools can…
-
CMMC | Cybersecurity | DoD | NIST 800-171
DoD Takes Next Step Toward CMMC
When it introduced CMMC 2.0 in 2021, the United States Department of Defense signaled that it was simultaneously both softening some of the requirements that were in early versions of its Cybersecurity Maturity Model Certification (“CMMC”) program and taking a more structured approach…
-
Disseminating CUI to Others
Controlled Unclassified Information (“CUI”) is sensitive, unclassified information. This means that not only must CUI not be available to the general public, but also that access to the information must not be granted to anyone unless they have a “lawful government purpose” to handle that…
-
NIST Releases Final Versions of SP 800-171 Rev. 3 and SP 800-171A Rev. 3
The National Institute of Standards and Technology (NIST) has published the final versions of Special Publications (SP) 800-171 Rev. 3 and 800-171A Rev. 3. These publications are crucial for organizations handling Controlled Unclassified Information (CUI) and provide updated guidelines for assessing and implementing…
-
CMMC | Cybersecurity | NIST 800-171 | Webinar
Access the CMMC Mock Assessment Webinar Materials
Welcome to the post-webinar resource page for our “Navigating the Unknowns: A Live Mock CMMC Assessment Demonstration.” Below, you’ll find access to both the recording of the session and the presentation slides from the webinar held on May 2nd for…
-
32 CFR Part 236 Rule Change Finalized
The rule change to 32 CFR Part 236 primarily modifies the Defense Industrial Base (DIB) Cybersecurity (CS) Program to expand eligibility and streamline cyber incident reporting requirements among defense contractors. Here’s a comprehensive summary of the significant changes and their…
-
Scoping: The First Step on Your CMMC Journey
Getting off on the right foot is essential Embarking on the path to Cybersecurity Maturity Model Certification (CMMC) is a pivotal moment for any organization in the defense industrial base….
-
Mastering Responsibility Matrices
CRMs and SRMs Harmonizing Responsibility in Cybersecurity Compliance In cybersecurity compliance—especially when preparing for a CMMC assessment—unclear delineation of responsibility can lead to missed requirements, failed assessments, and security breakdowns….
-
CMMC | Cybersecurity | Webinar
FutureFeed Explorers Webinar Series: Mastering Configuration Items (CIs)Â
Maintaining baseline configurations for IT products isn’t just a best practice—it’s a necessity for security and compliance. In the ever-evolving landscape of cybersecurity, organizations must demonstrate not only that they…
-
Breaking it Down: Why CRMAs Must Implement NIST SP 800-171 Requirements
Clarifying CRMA Obligations and Assessment Expectations This position article addresses common misunderstandings surrounding Contractor Risk Managed Assets (CRMAs). Effectively managing CRMAs is crucial for organizations striving to comply with NIST…
-
Advancing Compliance Education at FutureFeed
As the new Director of Compliance Education at FutureFeed, I’m thrilled to join a team that has already established itself as a leader in helping organizations navigate complex compliance frameworks…
-
FutureFeed at CEIC East 2024: Insights, Innovation, and Looking AheadÂ
Hello, friends! When I walked into the dazzling Gaylord National Resort & Convention Center in Maryland for CEIC East 2024, I felt an electric charge in the air. This wasn’t…
-
CMMC | Cybersecurity | NIST 800-171 | Webinar
Our Biggest Release of 2024 – FutureFeed 6.0
FutureFeed is thrilled to announce the release of FutureFeed 6.0! After 18 months of development, this major upgrade brings powerful new features and expanded framework support to streamline your compliance…
-
CMMC | Conference | Cybersecurity | NIST 800-171 | Webinar
The Final CMMC Rule Explained: Key Takeaways
The eagerly awaited CMMC (Cybersecurity Maturity Model Certification) final rule has now been published in the Federal Register, and while it may not be an easy read, its importance cannot…
-
GRC Tools: What to Look For
Governance, Risk, and Compliance (GRC) frameworks are essential for organizations navigating the complex regulatory landscape. Whether you’re working toward immediate certification, like the Cybersecurity Maturity Model Certification (CMMC), or looking…
-
CMMC | Cybersecurity | DoD | NIST 800-171
DoD Takes Next Step Toward CMMC
When it introduced CMMC 2.0 in 2021, the United States Department of Defense signaled that it was simultaneously both softening some of the requirements that were in early versions of its Cybersecurity Maturity…
-
Disseminating CUI to Others
Controlled Unclassified Information (“CUI”) is sensitive, unclassified information. This means that not only must CUI not be available to the general public, but also that access to the information must not be granted to anyone…
-
NIST Releases Final Versions of SP 800-171 Rev. 3 and SP 800-171A Rev. 3
The National Institute of Standards and Technology (NIST) has published the final versions of Special Publications (SP) 800-171 Rev. 3 and 800-171A Rev. 3. These publications are crucial for organizations handling Controlled Unclassified…
-
CMMC | Cybersecurity | NIST 800-171 | Webinar
Access the CMMC Mock Assessment Webinar Materials
Welcome to the post-webinar resource page for our “Navigating the Unknowns: A Live Mock CMMC Assessment Demonstration.” Below, you’ll find access to both the recording of the session and the…
