by Shawn Duffy | Mar 25, 2021 | Assessments, Blog, vulnerability
Besides regulatory compliance, two cybersecurity services Duffy Compliance has been known for are penetration testing and vulnerability assessments. At first glance, pen testing and vulnerability assessments may appear to mean the same thing. Often this question comes...
by Shawn Duffy | Feb 18, 2021 | CMMC, Blog, Compliance, Security Awareness Training
While I’ve written about security awareness training in the past, I’m revisiting it today because it never gets old. Training isn’t just something you did to check off a box; it’s something you do… continually. With the cyber attackers...
by Shawn Duffy | Feb 4, 2021 | Blog, CSF, Cybersecurity
Over here at Duffy Compliance, we are all things security. But that doesn’t necessarily mean that you know many of the terms (or alphabet soup) that we throw around. One term that has come up recently from some of our clients is “CSF,” formally known...
by Shawn Duffy | Dec 18, 2020 | CMMC, Compliance
Last month, I talked about the interim rule for CMMC and that as of November 30, 2020, contracting officers will check the Supplier Performance Risk System (SPRS) database to confirm that a contracting agency has an active SPRS Assessment prior to the award of a new...
by Shawn Duffy | Dec 3, 2020 | CMMC, Blog, Compliance, News
For all of 2020, there has been a frenzy over migrating from CUI to CMMC. As a matter of fact, Duffy Compliance Services has even been registered to become a C3PAO (Certified 3rd-Party Assessment Organization) for CMMC. The intention was that CMMC would be in place...