Regulations, Frameworks, and Controls - February 18, 2022

Many companies struggle with all of the cybersecurity documentation, processes, and policies that can limit their business growth and REALLY stress them out. Omnistruct serves as an enterprise partner for the critical policies, processes, and documentation needed to make sure all of that data and revenue is well protected against cyber threats and that the company stays in compliance with all rules and regulations.

Most Critical Infrastructure Sectors Haven’t Adopted NIST Cybersecurity Framework

A new report from the U.S. Government Accountability Office (GAO) found most of the country’s critical infrastructure have yet to take steps toward adopting a nearly decade-old framework to improve cybersecurity. By Chad Hemenway | February 16, 2022 Read More

NIST Finalizes Report on Cyber-Enterprise Risk Management Integration

The National Institute of Standards and Technology has published a finalized report that highlights the need to consider enterprise risk management when making cybersecurity decisions. By Nichols Martin I February 14, 2022 Read More

Meeting the System Security Plan Challenge

One of the biggest pain points for any defense contractor seeking CMMC L2 compliance is creating their System Security Plan (SSP) and the supporting documentation that outlines the protection of CUI within their organization. This SSP and documentation are required for almost every one of the 110 NIST 800-171 and CMMC controls. And that documentation cannot just make sense to the organization – it also has to make sense to a potential outside auditor. Moreover, the SSP and documentation are not optional. Without it, a defense contractor cannot participate in a DoD contract. By Orlee Berlove I February 16, 2022 Read More