Leveraging Managed Security Service Providers for NIST 800-171 and CMMC Compliance in the Defense Supply Chain

Feb 28, 2024 Lazarus Alliance 0 Comment

The complex relationships between government agencies, third-party vendors, and managed service providers form a challenging web of connections that comprise the DoD digital supply chain. Both NIST 800-171 and CMMC address these at various points, expecting providers to adhere to complex security requirements. These requirements can become so complex that they may turn to Managed Service Providers (especially those in the security space) to help them maintain compliance.

This article will cover how an MSSP can help you streamline compliance across frameworks like NIST 800-171 and CMMC.

CMMC 2.0 Updates: More Contractors Expected to Require Full CMMC Certification

Apr 7, 2022 Lazarus Alliance 0 Comment

With the Department of Defense unveiling CMMC version 2.0 last November, many contractors breathed a sigh of relief. The relaxed assessment requirements and streamlined structure signaled a willingness from the DoD to work with assessors and contractors to find a way to promote security over Controlled Unclassified Information (CUI) without making the process harder than it needed to be.

What is the Difference Between DFARS and CMMC?

Mar 16, 2022 Lazarus Alliance 0 Comment

Security and compliance are paramount in the defense industry–even for unclassified information, like Controlled Unclassified Information (CUI). The operations of these particular industries call for the utmost discretion, and all stakeholders must be on the same page.

As modern digital infrastructure makes its way into the defense supply chain, it’s equally crucial for contractors and business operators to meet these exact requirements. That’s why the Department of Defense (DoD) has created two different cybersecurity frameworks over the past few decades–the Defense Acquisition Federal Regulation Supplement (DFARS) and the Cybersecurity Maturity Model Certification (CMMC) framework.