Ammolite Insights: December 18, 2025
CYBERSECURITY NEWS, INSIGHTS & ANALYSIS
CMMC 2.0 & CPCSC Compliance Support for Defence Subcontractors
CMMC 2.0 is now in effect under 32 CFR Part 170, with requirements being phased into defence contracts through 2028. If your organization handles Federal Contract Information (FCI) or Controlled Unclassified Information (CUI), you may now need to complete a self-assessment or third-party audit to stay eligible for U.S. and Government of Canada defence work.
Ammolite Security helps defence subcontractors prepare with confidence, offering practical CMMC and CPCSC readiness assessments, clear compliance roadmaps, policy and control development, training, and audit preparation. Our team makes complex requirements easier to understand and easier to meet.
In The News
Apple Patches Two Zero-Days Tied to Mysterious Exploited Chrome Flaw
Apple has released macOS and iOS updates to patch two WebKit zero-days exploited in an “extremely sophisticated” attack.
Pro-Russia Hacktivists Conduct Opportunistic Attacks Against U.S. and Global Critical Infrastructure
Over the past several years, the authoring organizations have observed pro-Russia hacktivist groups conducting cyber operations against numerous organizations and critical infrastructure sectors worldwide.
Cybersecurity Concerns are Paramount Among Executives in Almost All Roles, Regions, and Industries
A new survey finds widespread agreement that security is one of the biggest challenges facing companies today.
Build A Cyber-Ready Workforce with Customized Corporate Training
Cyber threats continue to grow in cost and complexity, making employee awareness and capability a critical line of defence.
Ammolite Security delivers customized corporate cybersecurity training designed for both technical and non-technical teams, helping organizations reduce risk, upskill their workforce, and respond effectively to evolving threats. Led by defence and law-enforcement cyber experts and built by adult learning specialists, our flexible programs are delivered virtually or on-site and tailored to your organization’s needs, roles, and schedule.
Empower your people and strengthen your security posture.