CMMC and CUI Documentation
- The NIST SP 800-171 DoD Assessment Methodology
- The Cybersecurity Maturity Model Certification (CMMC) Framework
- Assessing Contractor Implementation of Cybersecurity Requirements
- Rule text at
- NIST SP 800-171 DoD Assessment Methodology and Cyber/DFARS 252.204-7012 FAQs
- Factsheet on DFARS Case 2019-D041
- We support Buy CT Cybersecurity tax credit – Similar to Buy Maryland Tax Credit
- We support Raised CT Bill No. 6607 – Incentivizing the Adoption of Cybersecurity Standards for Businesses
- We recommend the development of a Cybersecurity Advisory Committee for CT similar to U.S. H.R. 1975
- We recommend CT develop and implement annual cybersecurity training for CT legislature similar to H.R. 355
- We recommend an CT update, republish, and fund the CT Cybersecurity Strategy.
Where CT is Winning:
- New legislation to attract Data Centers to CT creating high quality tech jobs.
- Proposed legislation for Cybersecurity providing protections to companies that take a proactive step to address security.
Get ready for explosive tech job growth in CT over the next 3 years!
Additional Resources to help with cybersecurity:
- DISA Zero Trust Reference Architecture
- NSA’s Best Practices for Keeping Your Home Network Secure: including Safeguarding against Eavesdropping
- FTC’s Online Security website: including information on Mobile Apps (applications) and IP Cameras, such as the ones used in baby monitors, toys, and door bells
- FTC’s Video and Media website: including videos and games to help educate your family about a wide variety of topics including cybersecurity
- GAO’s report in Information Security: including a look at mobile device security threats and vulnerabilities
- DHS’s Study on Mobile Device Security
- NIST’s NIST SP 800-124: Guidelines for Managing the Security of Mobile Devices in the Enterprise
- DoD CIO’s Social Media Education and Training website
- CISA’s Trusted Internet Connections 3.0: Interim Telework Guidance
- National Archives CUI Blog
Consult with your agency or organization’s security office if you have specific questions or concerns.