Navigating the Intersection of Post-Quantum Encryption and CMMC Compliance

This week’s release of the first three post-quantum encryption standards by NIST—FIPS 203, 204, and 205—marks a significant step in securing data against the threat of quantum computing. These standards aim to protect encryption and digital signatures from quantum attacks, ensuring that sensitive data remains secure as technology evolves. Here Read more…

Will Subcontractors Be Able to Self-Assess Their Compliance with CMMC Level 2? Maybe…

Under the CMMC program, prime contractors that are required to meet Level 2 standards for handling Controlled Unclassified Information (CUI) typically must obtain a Final Level 2 (C3PAO) certification assessment. However, in limited cases, the Department of Defense (DoD) may make a risk-based decision to allow self-assessments based on the specific nature of the work and Read more…