On October 11, 2024, the U.S. Department of Defense (DoD) at long last published a final rule establishing the Cybersecurity Maturity Model Certification (CMMC) Program (the Final Rule). Designed to ...

Let's face it: Cybersecurity threat risk isn't going anywhere, and it's only going to get worse. This realization caused the Department of Defense (DoD) to create the Cybersecurity Maturity Model ...

Security operations rarely fail because of a lack of tools. They fail because the operating model never kept pace with the tooling. The stack grows. Alerts increase. The board asks sharper questions.

Regulatory compliance is a fact of life for most supply chains. A key enabler for a successful organization is to understand the complex regulatory environment and build compliance into their ...

Many small organizations within the Defense Industrial Base are struggling to meet the rigorous requirements validated through the Cybersecurity Maturity Model Certification, writes Thomas Graham, ...

Response to detected offenses (including remediation of harm caused by criminal conduct) and corrective action plans (including assessment and modification of the compliance and ethics program); and ...

In general, higher-maturity learning programs are more effective at mitigating people risk by aligning employee behaviors to compliance standards and corporate values. They adhere more closely to DOJ ...