CMMC

The Office of the Under Secretary of Defense for Acquisition and Sustainment (OUSD(A&S)) developed the Cybersecurity Maturity Model Certification (CMMC) framework to safeguard sensitive national security information and launched CMMC 2.0, a comprehensive framework to protect the defense industrial base from increasingly frequent and complex cyberattacks.

Read More

NIST 800-171

NIST 800-171 is directed towards non-government entities, while NIST 800-53 is targeted for use by government institutions. NIST SP (Special Publication) 800-171 focuses primarily on providing security requirements for all government contractors and service providers in the supply chain.

Read More

FedRAMP

The Federal Risk and Authorization Management Program (FedRAMP®) was established in 2011 to provide a cost-effective, risk-based approach for the adoption and use of cloud services by the federal government. If your organization wants to provide any of these services to the federal government, consider FedRAMP as the pathway.

Read More

StateRAMP

StateRAMP provides a comprehensive security framework designed to improve cloud security for state and local governments. It delivers a uniform approach to verifying that cloud service providers (CSPs) meet the standards and regulations needed to do business with state and local governments.

Read More