CMMC: Not Just Your 800-171 Anymore!
Much has already been published with respect to the Cybersecurity Maturity Model Certification (CMMC). So, hopefully this introduction will be summarily brief. Let’s start at the beginning. The CMMC was published in 2020 as DoD’s extension to NIST SP 800‑171. The CMMC “certification” is specifically for contractor organizations. It basically is the same as “authorization to operate”. […]
Harnessing the Power of Software Value Streams
A major goal of DevOps is to improve value by reducing lead times and reducing bottlenecks in software value streams. The winning method for identifying those bottlenecks is called Value Stream Mapping. In my SlideShare “Value Stream Mapping for DevOps” I illustrate a simple approach to conduct Value-Stream Mapping for DevOps value streams. Easy-to-use templates […]
Top 10 Things You Need to Know About CMMC
Recent events have highlighted why cybersecurity is crucial, and its cascading effects. The ransomware hack of the Colonial Pipeline sent gas prices skyrocketing in the US Southeast, causing shortages and untold cascading effects. US companies lose up to $600 billion per year due to lax cybersecurity. Cybersecurity is not just the purveyance of the US […]
Update Your Server’s TLS
Everyone wants to browse the web safely. To that end, virtually all web servers use TLS (Transport Layer Security) to encrypt communication with clients. However, older versions of the protocol use insecure encryption techniques and may be weaker protocols, in general. The US NSA has issued guidelines for web administrators to update their servers. It […]
Disciplined Agile: Is It Right for Me?
True business agility comes from freedom, not frameworks. Discover the Project Management Institute® Disciplined Agile (DA) program and tap into the industry-leading process decision tool kit that describes how agile software development, DevOps, IT, and business teams work in your enterprise. Disciplined Agile gives you the tools you need to join the ranks of organizations […]