112Cyber Resource Center
Guidance from Certified CMMC Assessors
C3PAO Interview Checklist: 10 Evaluation Criteria
Not all C3PAOs are created equal. Before you sign an engagement, these are the questions that separate credible assessors from expensive mistakes — organized by
A Guide to External Service Providers (ESP) and CMMC Certifications
In the Defense Industrial Base (DIB), External Service Providers (ESPs) are becoming increasingly common. ESPs, also commonly referred to as Managed Service Providers (MSPs), Managed Security Service Providers (MSSPs), or
FIPS Encryption Requirements in CMMC and NIST SP 800-171
When handling Controlled Unclassified Information (CUI), compliance with NIST SP 800-171 and the CMMC framework mandates strict data protection measures—including the use of FIPS-validated encryption
CMMC Compliance in 2026: How Did We Get Here and What’s Coming Next
2025 was the year CMMC stopped being theoretical and started impacting contracts, costs, and careers. For defense contractors, certification is no longer just compliance; it’s a competitive edge, a risk mitigation strategy, and
Top 10 CMMC Resources: What OSCs Found Most Helpful
2025 was a year of undeniable progress when it came to the establishment and enforcement of CMMC (Cybersecurity Maturity Model Certification). As we left 2025 and CMMC moved
Where Can You Store CUI and FCI?
Proper storage of Controlled Unclassified Information (CUI) and Federal Contract Information (FCI) is at the core of a healthy and satisfactory compliance program. The issue?
ISC2 2025: Our Top 8 CMMC Observations
We recently attended one of the most anticipated cybersecurity conferences of the year—ISC2 Security Congress 2025. Held at the Gaylord Opryland Nashville, thousands gathered to
Timeline of CMMC Phases and Contractor Requirements: A Quick Guide
It’s official, 48CFR has been published and the CMMC Phase 1 rollout is just 60 days away. Defense Industrial Base (DIB) contractors are understandably beginning
Whitepaper: Continuous Controls Monitoring in CMMC Level 2 Compliance: An In-Depth Exploration of Control 3.12.3
In CMMC, continuous monitoring stands as a pivotal component in safeguarding sensitive information. For organizations aiming to achieve Cybersecurity Maturity Model Certification (CMMC) Level 2
CMMC News: DIBNet Updates for Incident Reporting
You’re more than aware of CMMC’s ever-changing nature—we sure are! From publication dates, commentary periods, and everything between, it’s hard to keep up. That’s why