4 min read
Announcing BEMO's CMMC Level 2 Certification
BEMO is now CMMC Level 2 certified! Here's what we learned going through it, and what it means for the companies counting on us to help them get...
CMMC
3 min read
The Truth About CMMC Mock Audits
Most organizations approach CMMC Level 2 certification with the wrong question. They ask: What do we need to pass the audit? But the better question...
6 min read
Inside BEMO's CMMC Level 2 Certification: 7 Takeaways From Our Team
BEMO recently earned CMMC Level 2 certification. But behind that announcement was a team of people across security, IT, operations, data, and HR who...
3 min read
Security Lessons from a Microsoft Veteran
Bruno Lecoq spent twenty years at Microsoft before founding BEMO. He realized that the small and medium business sector lacked practical...
4 min read
Rethinking Cybersecurity in the Defense Industrial Base
For organizations working with primes like Lockheed Martin or Boeing, frameworks such as CMMC, DFARS and ITAR aren’t optional checkboxes. They are...
5 min read
Everything You Need to Know About CMMC Compliance
For companies that work with the U.S. Department of Defense (DoD) or its contractors, cybersecurity compliance is no longer optional. Frameworks like...
7 min read
CMMC Level 2 Requirements: What You Need to Comply
Quick answer: CMMC Level 2 requires defense contractors handling Controlled Unclassified Information (CUI) to implement all 110 security controls...
7 min read
FedRAMP vs CMMC: What Defense Contractors Must Know
Quick Answer: CMMC applies to DoD contractors handling FCI or CUI. FedRAMP authorizes cloud service providers selling to federal agencies. Most...
4 min read
There’s a Real Cost to “We’re Too Small to be Attacked”
Small and mid-sized companies, especially government contractors, still cling to one comforting belief: “We’re too small to be worth attacking.” But...
5 min read
The CMMC Revolution: How BEMO Is Redefining Compliance.
Bruno Lecoq spent 20 years at Microsoft before co-founding BEMO. He didn’t leave because he disliked the company. In fact, he says he “owes his life...
5 min read
The Hardest Part About Compliance Isn’t Certifications, It’s Discipline
Most companies think the toughest part about compliance is the technology or getting all the right certifications. They’re wrong. The toughest part...
8 min read
Does CMMC Require GCC High? Microsoft 365 Paths to CMMC Level 2
Quick Answer: No, CMMC does not require GCC High, but your contracts often do. While the framework defines security controls, DFARS clauses, data...
8 min read
What Is a CMMC Enclave? When to Build One and When to Buy One
Quick Answer: A CMMC enclave is an isolated IT environment where Controlled Unclassified Information is stored and processed, letting DoD contractors...
5 min read
CMMC Readiness Requires Business-Wide Ownership
George Dunlop, Founding Partner of Dunlop Security Group and a lead CMMC assessor, explains why the most common mistake in CMMC readiness is treating...
5 min read
The Implementation Decisions That Make or Break Your CMMC Assessment
Most organizations treat CMMC implementation as a technical execution phase. John Christly, VP of Commercial Services & Chief Learning Officer at...