Watch as our SP6 Cyber Risk and Compliance experts share their experience with common issues clients face when working on becoming CMMC/DFARS compliant. We’ll walk through the top 7 while giving real-world examples, the consequences of these issues, and how you can proactively avoid them.

In October 2021, the U.S. Department of Justice (DOJ) took a monumental step toward curbing cybersecurity fraud among government contractors and grant recipients: The Civil Cyber-Fraud Initiative.   By leveraging the False Claims Act (FCA), the Initiative prosecutes government contractors, subcontractors, and grant recipients who knowingly fail to comply with federal cybersecurity mandates such as DFARS […]

We invited hundreds of organizations looking to become CMMC compliant in 2024 to submit questions and topics they wanted covered during our live webinar event. We then tailored the live agenda around these topics and compiled them under four main categories. Watch as our CMMC compliance experts cover the submitted questions live and give their […]

As the CMMC Final Ruling and Implementation progresses, many organizations are left wondering what to expect in the coming months, and 2025. Recently, it was confirmed that the CMMC Final Rule is near completion and was submitted for final review. In the waiting period for publication, we wanted to provide a quick guide on what organizations […]

Identifying how and where Controlled Unclassified Information (CUI) is stored, transmitted, and processed within your organization is a critical first step to achieving CMMC compliance. Many organizations overlook this step, however, leading to gap assessment fatigue, unwanted costs, and a lack of leadership and organizational buy-in.  In this article, we’ll break down everything you need […]

Watch this comprehensive webinar to learn which changes you should pay attention to in NIST SP 800-171 Revision 3, how these changes could affect your organization, and strategies to achieve your 2024 compliance goals. https://vimeo.com/948884019?share=copy Key Learning Objectives:  Understanding the new requirement families introduced in NIST SP 800-171r3 Learning the FISMA requirements that designate NARA […]

First, this blog is not about rushing you to select a C3PAO because the sky is falling. This is, however, a blog about choosing the right C3PAO so you don’t feel as if the sky is about to fall on you.  Selecting the correct C3PAO for your CMMC assessment should be as critical as selecting […]

Clearwater, FL – SP6, a leading cybersecurity and compliance firm, was ranked second on the 2024 Best Places to Work in Tampa Bay list in the Large (50 to 99 employees) category by the Tampa Bay Business Journal (TBBJ).  SP6 was among 60 companies honored on the 2024 Best Places to Work in Tampa Bay […]

Our team recently participated in CMMC Day 2024, a conference bringing together the top experts and industry leaders in the security compliance space. We had the privilege of hearing from CISOs, practice leaders, government officials, and more about the latest trends and insights in CMMC. Throughout our conversations, a few key themes emerged. Here are […]

Conducting a NIST 800-171 self-assessment — also known as a CMMC self-assessment or SPRS assessment — is a critical component of DFARS 252.204-7019 compliance. As a contractor, you’ll need to evaluate your organization against all 320 objectives and upload your score to the Supplier Performance Risk System (SPRS). In this guide, we’ll break down all […]