Blog
Welcome to our blog page, where you can stay up-to-date with all things CMMC and access information and best practices for protecting your organization’s sensitive data.
Redspin at RSA 2025: Spotlighting CMMC and the Defense Industrial Base
Learn about the role of ESPs, like Managed Service Providers and Cloud Service Providers, in your CMMC assessment.
What Does CMMC Mean for an OSC’s ESP?
Learn about the role of ESPs, like Managed Service Providers and Cloud Service Providers, in your CMMC assessment.
CMMC Highlights of 2024: Year in Review
Our gift to you: a year-end wrap-up featuring CMMC highlights and top resources to help protect our nation’s sensitive information
The Dark Side of CMMC Rulemaking
With the finalization of the 32 CFR rule, CMMC is now a mandatory requirement, and scheduling bottlenecks are already creating fierce competition for assessment slots—organizations must act swiftly to secure a C3PAO partner and avoid costly delays.
CMMC Compliance Faster in the Cloud
Securing DoD contracts with limited resources? Discover how managed cloud services can help small teams in the Defense Industrial Base (DIB) achieve CMMC compliance.
CMMC Rule is Final: What Does it Mean for You?
A first response to the drop of the final publication of 32 CFR for CMMC
CMMC in Contracts: The 48 CFR Proposed Rule Has Published
Learn about the new CMMC 2.0 DFARS requirements and their impact on defense contracts. Get insights into the proposed 48 CFR rule.
Making The Case for CMMC
Get the facts straight about CMMC. Dr. Thomas Graham addresses critics and provides expert clarification on the Cybersecurity Maturity Model Certification.
The Microsoft Windows Recall Feature: A Double-Edged Sword for Security and Privacy
Microsoft Windows Recall feature in Copilot Plua is powerful tool for productivity but has significant privacy and security concerns.
Navigating Temporary Deficiencies in FIPS 140-3 Validation for Updates to SPAs
Understand the significance of FIPS 140-3 validation for cryptographic modules and how it helps in meeting cybersecurity requirements.
Not Without a Warrant: Why Is CMMC Scoping Such a Challenge?
Uncover the challenges of CMMC scoping: why determining the scope is crucial for assessing home office environments.
The CMMC Proposed Rule Published, What That Means for DoD Contractors
What the CMMC Proposed Rule means for DoD contractors.
CMMC 2.0, The Phased Approach
Redspin’s Director of CMMC Services, Robert guides you through the phased approach to CMMC implementation.
The CMMC Proposed Rule Is Here and Open for Public Comments
The long-anticipated Cybersecurity Maturity Model Certification (CMMC) proposed rule has been released and the public comment period is now open.
Setting the Record Straight: CMMC Timelines
Recent False Claims allegations against Verizon and Penn State University shed light on the DOJ Civil Fraud Initiative and future for federal contractors.
How to Prepare for a CMMC Interview
A guide to help team mates prepare for a CMMC assessment interview
CMMC Scoping: Charting the Course for Comprehensive Cybersecurity Assessments
What is CMMC scoping and why it is so critical?
Facing the Consequences: Recent False Claims Under the DOJ’s Civil Fraud Initiative and What This Means for Federal Contractors
Recent False Claims allegations against Verizon and Penn State University shed light on the DOJ Civil Fraud Initiative and future for federal contractors.
CMMC 2.0 How to Get Started on This Vital Journey
A C3PAO is a certified third-party assessment organization approved by Cyber AB to conduct CMMC 2.0 assessments for CMMC certifications.
Seizing the Moment: CMMC, the Urgency to Act Now
The urgency to act is not just about the immediate availability of JSVAP assessment schedule; it’s about positioning your organization for long-term success because once the CMMC rule becomes final, numerous organizations will be fighting for certification.
Subscribe to our newsletter
Get started with Redspin Today
Helping you navigate CMMC.