Sofia Nabiha Herradi

Get Familiar with Your Controls: Building Sustainable CMMC Compliance

Blog /

What I Consistently Observe Across Organizations Beginning CMMC Across multiple organizations I’ve worked with, the initial phase of the cybersecurity Maturity Model Certification journey tends to follow a predictable pattern: A gap assessment is completed, policies are drafted or updated, a score is submitted into the supplier Performance Risk System, and teams begin preparing for […]

Get Familiar with Your Controls: Building Sustainable CMMC Compliance Read More »

AI in CMMC Level 2: Innovation Without Control Is Risk

CMMC /

As organizations pursue CMMC Level 2 certification and align with NIST SP 800-171, the use of artificial intelligence (AI) tools is rapidly expanding across engineering, IT, and operations. From troubleshooting systems to generating code and automating workflows, AI is improving efficiency across the enterprise. However, in regulated environments, this shift introduces a critical gap: AI

AI in CMMC Level 2: Innovation Without Control Is Risk Read More »

AI in CMMC Environments: Hidden Risks to CUI and How to stay compliant

AI Governance /

As organizations move toward CMMC compliance and align with NIST SP 800-171 requirements, the use of artificial intelligence (AI) tools is rapidly increasing, especially among administrators and developers. While AI improves efficiency and accelerates workflows, it also introduces new cybersecurity risks that many organizations are not fully addressing. In a CMMC Level 2 environment, where

AI in CMMC Environments: Hidden Risks to CUI and How to stay compliant Read More »

CMMC Readiness: Why Many Companies Think They Are Ready, But Are Not

CMMC /

As organizations prepare for Cybersecurity Maturity Model Certification, one thing I have noticed repeatedly is that many believe they are close to readiness because policies, tools, and security processes already exist. In reality, readiness often becomes more challenging when organizations begin looking at how controls actually operate day to day. A common example is access

CMMC Readiness: Why Many Companies Think They Are Ready, But Are Not Read More »

Release AI Capabilities with a Safe Society in Mind

AI Governance /

Have you ever thought about how quickly artificial intelligence is advancing and whether society is prepared for the challenges it presents? Have you also considered how fast humans could lose control over this rapidly evolving technology?  Release AI Capabilities with a Safe Society in Mind Artificial intelligence (AI) has made significant strides in recent years,

Release AI Capabilities with a Safe Society in Mind Read More »

AI Software Development Life Cycle

AI Governance /

The Importance of Assessing Societal Impacts of AI Systems in the Wake of CrowdStrike Worldwide Outage- AI Software Development Life Cycle The Importance of Assessing Societal Impacts of AI Systems in the Wake of CrowdStrike Worldwide Outage Artificial Intelligence (AI) technology has become an integral part of our daily lives, revolutionizing industries, services, and functions

AI Software Development Life Cycle Read More »

Evolving the GRC Role in the AI Era: NIST AI RMF

AI Governance /

Evolving the GRC Role in the AI Era: NIST AI RMF June 27, 2024 In our rapidly advancing technological landscape, integrating artificial intelligence (AI) systems has become ubiquitous across various industries, revolutionizing business operations and processes. As organizations harness the power of AI to drive innovation and improve efficiencies, the role of Governance, Risk, and

Evolving the GRC Role in the AI Era: NIST AI RMF Read More »