Proudly serving Virginia, Maryland and DC // Call us today! 703.396.6120
V2 SystemsV2 Systems
A Refresher on NIST 800-171

By Erik Briceno

A Refresher on NIST 800-171

In a recent article, we wrote about the new DFARS rule and the new NIST “scorecard” system that the rule includes. In order to reach a perfect “score” of 110, companies vying for a government contract need to meet every requirement outlined in NIST 800-171.

In the past few years, we’ve covered NIST guidelines at length. However, there have been quite a few changes since we last wrote about them. For that reason, we’re putting out a quick refresher on the subject for readers who are unfamiliar with NIST compliance, as well as sources for some of the more recent, important updates to NIST standards.   Read more

target board with darts

By Erik Briceno

Your DoD Cyberscore and You

If you’re a government contractor, you’re probably at least partially familiar with NIST 800-171. Even if you don’t have every detail completely memorized, the vast majority of your cyber hygiene policies should be coming directly from NIST guidelines.

To assist in maintaining compliance with what’s outlined in NIST 800-171, we’ve been guiding several of our contractors with the intricacies of the NIST 800-171 “scorecard.” Supplier Performance Risk System, or SPRS, is essentially a score that reflects the contractor’s accomplishment of the NIST cybersecurity requirements. Here are the basics of how it works.   Read more

CMMC Is Complex, But You Need It If You Want to Do Business.

By Erik Briceno

CMMC Is Complex, But You Need It If You Want to Do Business

You have probably heard about Cybersecurity Maturity Model Certification lately, especially while looking for work in the Federal system. In a previous article, we talked a little about a new set of standards to meet in addition to NIST. As we mentioned, Cybersecurity Maturity Model Certification, or CMMC, is basically an extension of NIST 800-171. Today we’re going to go into a little more detail on what’s involved in meeting CMMC compliance and how V2 Systems can help you achieve certification.   Read more

A Warning from DHS and Other Government Agencies Regarding Remote Working

By Erik Briceno

A Warning from DHS and Other Government Agencies Regarding Remote Working

In light of the growing Coronavirus (COVID-19) pandemic, in our previous blog, we highlighted some of the numerous remote working solutions that are available to those who are forced to work from home during this worrying time. However, even now at the time of writing, we are hearing warnings and reports from several government agencies on how malicious actors are taking advantage of the crisis to push malware, ransomware, and phishing campaigns into even higher gear. Those who are working from home are especially at risk for a variety of reasons. Today we’re going to outline some of these vulnerabilities that DHS, NIST and other agencies are cautioning on, and what each person can do to secure themselves as much as possible on their end in their own home.   Read more

You Need More Than NIST. You Also Need CMMC Compliance.

By Erik Briceno

You Need More Than NIST. You Also Need CMMC Compliance.

In previous blogs, we’ve outlined NIST 800-171 standards and why it’s important to follow them. The next evolution of NIST for 2020 is the CMMC — Cybersecurity Maturity Model Certification — and there’s a deadline to adopt it that’s coming up fast. What exactly is it and how can you comply with these additional standards? Let’s take a look.   Read more

NIST SP 800-171 Is Now More Important Than Ever: Are You Following the Framework?

By Erik Briceno

NIST SP 800-171 Is Now More Important Than Ever: Are You Following the Framework?

The National Institute of Standards and Technology, more commonly referred to as NIST, puts out extremely important guidelines to follow, and we have covered those guidelines at length in past articles. However, there have been quite a few changes since we last wrote about them. Today, we’re putting out a refresher on the subject for readers who are unfamiliar with NIST compliance, as well as sources for some of the more recent, important updates to NIST standards.   Read more

Small Business IT Security Basics, Part 2: Investing in Cybersecurity

By Erik Briceno

Small Business IT Security Basics, Part 2: Investing in Cybersecurity

Small businesses increasingly rely on information technology to reach new markets, increase employee productivity and lower operating costs. At the same time, theft of digital data has become the most commonly reported fraud, surpassing physical theft.

The average cost of cybersecurity incidents ranges from about $34,604 for a small business to $1.05 million for a large business. That’s why companies of all sizes need a strong cybersecurity strategy to protect their data — the lifeblood of their business.

In Part 1 of Small Business IT Security Basics, we listed five essential steps that every company should take. Here are the next five actions for small businesses, starting with making sure your entire team is engaged.   Read more

A Framework for Your Incident Response Plan: 5 Steps for Implementing A Cybersecurity Strategy

By Erik Briceno

A Framework for Your Incident Response Plan: 5 Steps for Implementing A Cybersecurity Strategy

You never want a cybersecurity incident to happen. But in today’s complex technological landscape, it can happen. So you need to be prepared to implement an incident response plan that will help your business reduce the risks, costs and recovery time associated with a security breach or cyberattack.   Read more

By Erik Briceno

NIST SP 800-171: The Deadline Is Near, and I’m Not Ready. Is It Time to Panic?

Absolutely not! But like that famous ball in Times Square on New Year’s Eve, the clock is ticking down. It’s time to get in compliance with the upgraded cybersecurity standards outlined in the National Institute of Standards and Technology (NIST) Special Publication (SP) 800-171, “Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations.”

Federal government contractors need to meet these enhanced stipulations before the ball drops on Dec. 31, or they risk losing business.   Read more

What Are CUI and CDI? (And Why Should You Care?)

By Erik Briceno

What Are CUI and CDI? (And Why Should You Care?)

With the year-end deadline rapidly approaching for meeting updated federal cybersecurity standards, it’s important to know what’s involved.

What we’re talking about is safeguarding Controlled Unclassified Information (CUI). This type of information regularly moves through or resides on the internal networks or information systems of most federal contractors. Simply put, the government wants to strengthen security to keep that information secure.   Read more

1 2
A Refresher on NIST 800-171
A Refresher on NIST 800-171
target board with darts
Your DoD Cyberscore and You
CMMC Is Complex, But You Need It If You Want to Do Business.
CMMC Is Complex, But You Need It If You Want to Do Business
A Warning from DHS and Other Government Agencies Regarding Remote Working
A Warning from DHS and Other Government Agencies Regarding Remote Working
You Need More Than NIST. You Also Need CMMC Compliance.
You Need More Than NIST. You Also Need CMMC Compliance.
NIST SP 800-171 Is Now More Important Than Ever: Are You Following the Framework?
NIST SP 800-171 Is Now More Important Than Ever: Are You Following the Framework?
Small Business IT Security Basics, Part 2: Investing in Cybersecurity
Small Business IT Security Basics, Part 2: Investing in Cybersecurity
A Framework for Your Incident Response Plan: 5 Steps for Implementing A Cybersecurity Strategy
A Framework for Your Incident Response Plan: 5 Steps for Implementing A Cybersecurity Strategy
What Are CUI and CDI? (And Why Should You Care?)
What Are CUI and CDI? (And Why Should You Care?)