FedRAMP Rev. 4 vs. Rev. 5: Summary of Changes
By Chor-Ching Fan Summary: Major change between FedRAMP Rev. 4. vs. Rev. 5: security controls, privacy, supply chain risk management The transition from FedRAMP Rev. 4 to Rev. [...]
CMMC Waiver Process & May 2022 Updates
By Chor-Ching Fan & David Trout Contractors awaiting an update from the DoD rulemaking process to firm up CMMC requirements recieved some insight [...]
Do or Delegate…Achieving Compliance in a Shared Responsibility World
By Chor-Ching Fan & David Trout Businesses can relieve many security and compliance burdens by using cloud services provided by Amazon AWS or [...]
Common Core Controls – A Strategy Rizkly Supports
By Chor-Ching Fan When facing a tight compliance deadline, you might not want to think about anything but satisfying the security controls that [...]
Summary of Proposed CMMC 2.0 Requirements
By Chor-Ching Fan & David Trout In a letter dated November 1, 2021 from Patricia L. Toppings, OSD Federal Register Liason Officer, the [...]
The Compliance Advisory Cost Conundrum
By David Trout & Chor-Ching Fan Today, businesses of all sizes face growing challenges from compliance requirements. Staying in compliance requires more skill, experience, and knowledge than ever before. [...]
ICS/SCADA: Security and Compliance for Critical Infrastructure
By Celia Baker Security is vital for the continued performance and safety of the Industrial Control Systems (ICS) that help manage operations for oil and gas refineries, nuclear plants, [...]
DoD Revs Up Emphasis on 800-171 with Scoring Requirement
By Chor-Ching Fan When the recently released CMMC Interim Rule (DFARS Case 2019-D041) takes effect on November 30, 2020, the Department of Defense (DoD) will require defense contractors to [...]
DFARS & CMMC: Remediations Strategies & The Role of POAMs
Cyber Bytes Foundation, TCecure and Rizkly team up to share DFARS and CMMC remediation strategies and discuss the role of POAMs to enhance [...]
Unpacking DFARS 800-171 R2 & CMMC 1.0 Requirements
Cyber Bytes Foundation and Rizkly unpack the NIST 800-171 and CMMC requirements, review operational impacts and discuss the elements of addressing each practice/control. [...]