Home » Featured Resources » The Relationship Between CMMC and NIST SP 800_171 White Paper

× Share this Presentation

Facebook
Twitter
Email
LinkedIn

The Relationship Between CMMC and NIST SP 800_171 White Paper

March 12, 2021 Redspin, Inc.

Share this Flipbook
Facebook
Twitter
Email
LinkedIn

NIST SP 800-171 (Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations) is a federal government standard the provides minimum requirements for non-federal agencies (i.e., Department of Defense contractors) to adequately protect Controlled Unclassified Information (CUI) and Federal Contract Information (FCI).

In the past, self-attestation was the only requirement. As the threat landscape became more aggressive, an advanced cybersecurity maturity model, called the Cybersecurity Maturity Model Certification (CMMC) framework, was developed to improve the cybersecurity posture of the Defense Industrial Base (DIB) to adequately protect CUI/FCI.

About the Author

Redspin is a leading provider of risk assessments using various frameworks including NIST CSF, CMMC-AB, ISO 27001, PCI DSS, and healthcare cybersecurity consulting. We’ve helped many Fortune 500 and leading growth companies in highly regulated industries including government, financial, technology, and manufacturing improve their cyber readiness and resiliency through a strategic and proven approach to reduce cyber risks and safeguard sensitive information.
Follow on Twitter Follow on Linkedin Visit Website More Content by Redspin, Inc.

Four CMMC actions to take right now

Caleb Barlow, CEO of Cynergistek discusses ways to improve CMMC readiness once the DoD comes knocking.

Our Thoughts on CMMC Level 3 Assessments

As a candidate C3PAO undergoing our own Level 3 assessment by the Defense Industrial Base Cybersecurity Ass...

Other content in this Stream

14:05

CMMC Level 3: Four Lessons Learned From an Authorized C3PAO - Part 1

As the 1st organization to pass a CMMC Level 3 assessment, Redspin’s CISO, Thomas Graham, and CMMC Provisional Assessor, Tony Buenger share a few lessons learned from Redspin’s CMMC Level 3 Assessment

Watch Video

CMMC Level 3: Four Lessons Learned from an Authorized C3PAO- Lesson 1

Redspin's CISO and CMMC Registered Practioner Dr. Thomas Graham, and CMMC Provisional Assessor Tony Buenger share the first of four lessons Redspin learned while going through the CMMC Level 3...

Read Article

Redspin Announces it is the First Organization to Pass DoD’s Cybersecurity Maturity Model Certification Level 3 Assessment

Redspin, a division of CynergisTek, is the first organization to successfully pass the CMMC Level 3 certification as a Candidate CMMC Third Party Assessor Organization (C3PAO).

Read Article

How to Effortlessly Keep Up With CMMC News & Updates

In this episode, we introduce CMMC-Spin a bi-weekly feature that delivers CMMC content directly to your inbox. Redspin's CISO, Dr. Thomas Graham, CMMC Sales Director Jeremy Mares, and CMMC...

Read Article

Four CMMC actions to take right now

Caleb Barlow, CEO of Cynergistek discusses ways to improve CMMC readiness once the DoD comes knocking.

Read Article

Our Thoughts on CMMC Level 3 Assessments

As a candidate C3PAO undergoing our own Level 3 assessment by the Defense Industrial Base Cybersecurity Assessment Center (DIBCAC), this experience has provided our team here at Redspin with insights.

Read Article

Continuous Pen-Testing: What is it & Why is it Awesome?

We are shifting gears away from CMMC content this week and bring you an episode focused on the ever-exciting topic that is pen-testing. Ben Denkers of Redspin and Patrick Guay of Pcysys join us...

Read Article

The RP Episode

In this episode, get to know a few of our diverse group of CMMC Registered Practitioners, also known as "RPs", many of whom you may already be familiar with as they have been consulting with...

Read Article

0:36

Caleb Barlow Discusses Randsomware

Watch Video

Your CMMC Questions, Answered - Part 1

You asked the questions and in this episode, we answer them! This week, Tony Buenger responds to audience questions that were asked during March 25th, 2021's "Maneuvering Through The Minefield of...

Read Article

Offensive Security Services

Redspin's offensive security services test an organization's environment and people to validate the effectiveness against cyber attacks.

Read Flipbook

CMMC Scoping Environment

Scoping determines the boundaries where Controlled Unclassified Information (CUI) and Federal Contract Information (FCI) is stored, processed, and exchanged within the Department of Defense (DoD).

Read Flipbook

Redspin Talks With Helve Longoria, CISO at FIU About CMMC

This week, special guest Helve Longoria, the CISO at Florida International University (FIU) joins Tony and Rob on the discussion of FIU needing a CMMC assessment.

Read Article

Microsoft Exchange Server Breach

In this infographic, we depict Microsoft Exchange Server Breach response procedures if exploitation activity is discovered.

Read Article

8:29

All Things CMMC from a C3PAO - Part 4 Preparing for a CMMC assessment

CynergisTek’s Director of Security Services, Dave Bailey sits down with Capability Maturity Model Certification (CMMC) Certified Provisional Assessor Tony Buenger, and CMMC Registered Practitioner Rob

Watch Video

Getting to Know Tony Buenger, CMMC Provisional Assessor

In this episode, we feature Tony Buenger to discuss his journey career and discuss what cybersecurity, compliance, and privacy mean to him.

Read Article

8:52

All Things CMMC from a C3PAO - Part 3 The CMMC Process

CynergisTek’s Director of Security Services, Dave Bailey sits down with Capability Maturity Model Certification (CMMC) Certified Provisional Assessor Tony Buenger, and CMMC Registered Practitioner Rob

Watch Video

1:00:15

API Security 101: Establishing and Managing a Secure API Program

APIs have the potential to expose and often become subject to malicious attacks causing API vulnerabilities to often be the source behind major data breaches. Attend this webinar to learn how to secu

Watch Video

8:02

All Things CMMC from a C3PAO - Part 2 Understanding the CMMC Levels

CynergisTek’s Director of Security Services, Dave Bailey sits down with Capability Maturity Model Certification (CMMC) Certified Provisional Assessor Tony Buenger, and CMMC Registered Practitioner Rob

Watch Video

API Sentry Service Overview Sheet

API Sentry brings the visibility needed to understand risks associated with APIs and combines Redspin’s security and analytics expertise with sophisticated API security testing technology.

Read Flipbook

Return to Home

The Relationship Between CMMC and NIST SP 800_171 White Paper

About the Author

Previous Article

Next Article