Avsnitt
-
Contractors serving the DoD are in a constant battle to safeguard their data in compliance with the CMMC. Listen to this episode of Cyberspin as our experts explore how managed cloud services can accelerate the Cybersecurity Maturity Model Certification (CMMC) journey and how they are the fastest and easiest way to accommodate a segment of your organization that handles CUI data.
Subscribe & Stream: Gear up for your CMMC journey with "Cyberspin," available on Apple iTunes, Spotify, and redspin.com. Subscribe for the latest insights on navigating your cybersecurity landscape.
-
Contractors working with the Department of Defense (DoD) who store, process, and/or transmit CUI face a crucial challenge: ensuring that their technical security controls, documentation, policies, and processes are robust enough to meet the stringent demands of CMMC. With a range of Cloud offerings available, understanding how each aligns with CMMC standards can be quite a challenge.
Listen as we tackle the most prevalent misconceptions surrounding Azure Cloud and its ability to satisfy CMMC requirements. We'll break down the differences between Azure Commercial 365, Government Community Cloud (GCC), and GCC High. You'll learn when it's appropriate to choose GCC over GCC High, especially concerning ITAR data considerations, and whether FIPS Encryption is adequately provided for the communication and storage of Controlled Unclassified Information (CUI) data.
We'll also tackle the challenges that remote companies face in meeting CMMC's network criteria and explain why waiting until 2027 to address CMMC could be a misstep.
Tune in as we debunk myths and shed light on the essential criteria that will help you navigate your CMMC journey.
Subscribe to Cyberspin on Apple iTunes, Spotify, or your preferred podcast platform. You can always stream the latest episodes at redspin.com.
-
Saknas det avsnitt?
-
In this episode, we sit down with Robert Hill, the Founder and CEO of Cyturus, to unravel the WHY behind the Cybersecurity Maturity Model Certification (CMMC).
Our conversation kicks off with the pressing question: Why do small defense contractors need the same level of security as industry giants like Boeing and Raytheon? Robert Hill walks us through the tactical why, painting a vivid hypothetical scenario. Imagine a seemingly minor 4-millimeter adversarial change in the dimensions of a gasket from a subcontractor manufacturer. This breach has the potential to infect the Department of Defense like a virus, leading to the grounding of a warfighter jet and the potential to impact lives.
The discussion extends beyond supply chain issues, delving into the critical need to protect intellectual property. Hill emphasizes that the true threat lies not just in information breaches but in the subsequent manipulation of data—a concept with long-term real-world implications.
Join us as we explore the technical aspects. However, our conversation takes a turn as we point out CMMC is not merely about IT controls; it's about fostering a culture of cybersecurity. CMMC is not a checkbox compliance but a movement that requires business buy-in and a deep understanding of the WHY.
Tune in to gain insights into the world of cybersecurity, understand the genuine need to protect national defense information, and recognize that CMMC is more than compliance—it's a cybersecurity movement.
Subscribe to Cyberspin on Apple iTunes, Spotify, or your preferred podcast platform. You can always stream the latest episodes at redspin.com.
-
Celebrate Cybersecurity Awareness Month with Redspin! We’re here to guide you through CMMC (Cybersecurity Maturity Model Certification). To mark this important month, we’ll be shining a spotlight on our CMMC guides each week.
In this episode, we're excited to introduce Dr. Thomas Graham, a seasoned professional with a unique perspective on the world of cybersecurity, particularly from a Department of Defense (DoD) lens. With experience spanning the DHA, Navy medicine, from the governance perspective, and even a Federal Health IT Award-winning team, Thomas is well-equipped to shed light on the intricacies of this critical field.
Join us as we uncover the historical roots of Controlled Unclassified Information (CUI) and "read the tea leaves" of the Cybersecurity Maturity Model Certification (CMMC), positioning itself as a unifying force for cybersecurity requirements across various government agencies. Thomas, an expert in discerning the nuances of language, shares his insights into the future of CMMC and its potential impact on the DoD and other federal agencies.
Subscribe to Cyberspin on Apple iTunes, Spotify, or your preferred podcast platform. You can always stream the latest episodes at redspin.com.
-
Celebrate Cybersecurity Awareness Month with Redspin! We're here to guide you through CMMC (Cybersecurity Maturity Model Certification). To mark this important month, we'll be shining a spotlight on our CMMC guides each week.
In this episode, we chat with John Fitch, Azure expert who works with OSCs in building a secure encalve. John emphasizes CMMC offers significant value to both large and small contractors. It effectively safeguards against advanced persistent threats (APTs), particularly those targeting sensitive national information. Unlike a mere compliance checklist, CMMC prioritizes accountability making it a valuable addition to the future of national cybersecurity.
Throughout the month, we'll be featuring Subject Matter Experts in the world of CMMC. These are the leaders who are actively engaged in safeguarding sensitive data within our ecosystem. Join us to learn about their roles, their history working with the Department of Defense, and their insights into the impact that CMMC will have. Together, we can strengthen our cybersecurity defenses and protect what matters most.
Listen in at redspin.com or your favorite podcast platform.
-
Celebrate Cybersecurity Awareness Month with Redspin! We're here to guide you through CMMC (Cybersecurity Maturity Model Certification). To mark this important month, we'll be shining a spotlight on our CMMC guides each week.
This week, Robert Teague explains the intricacies of the assessment process, shedding light on how he assists individuals in preparing for assessment and interviews. Not only does he play a pivotal role within the greater CMMC ecosystem, but he also emphasizes the importance of maintaining the confidentiality of critical information, which is crucial to safeguarding the nation's security in an era where adversaries seek to exploit vulnerabilities and develop countermeasures.
This episode underscores the transition effect of CMMC from a reactive cybersecurity standpoint to a proactive cybersecurity approach. Teague's passion and firsthand experience play a vital role in securing this complex puzzle of national defense.
Throughout the month, we'll be featuring Subject Matter Experts in the world of CMMC. These are the leaders who are actively engaged in safeguarding sensitive data within our ecosystem. Join us to learn about their roles, their history working with the Department of Defense, and their insights into the impact that CMMC will have. Together, we can strengthen our cybersecurity defenses and protect what matters most.
Listen in at redspin.com or your favorite podcast platform.
-
In this episode, we have the privilege of hosting a true luminary in the fields of politics, defense, and entrepreneurship - the remarkable Katie Arrington. From her pivotal role as the CISO of the Department of Defense (DoD) where she helped launch the Cybersecurity Maturity Model Certification (CMMC), to her representation of South Carolina's 94th district, Katie Arrington is a force to be reckoned with.
Throughout this candid conversation, Katie opens up about her concerns with the CMMC framework, the clever intent of adversaries, the very real and serious cyber threats our country faces, and why CMMC plays a bigger role than most understand at this point in the game.
Tune in and listen as Katie Arrington provides perspective on the world of cybersecurity, defense, and the profound impact they have on our nation's security and business landscape. Her advocacy for national defense will leave you with a deeper understanding of the challenges and opportunities in this ever-evolving domain. This is an episode you won't want to miss!
Subscribe to Cyberspin on Apple iTunes, Spotify, or your preferred podcast platform. You can always stream the latest episodes at redspin.com.
-
Celebrate Cybersecurity Awareness Month with Redspin! We're here to guide you through CMMC (Cybersecurity Maturity Model Certification). To mark this important month, we'll be shining a spotlight on our CMMC guides each week.
In this episode, we're thrilled to introduce Jeremy Mares, the first guide you will likely meet on your journey through CMMC. Listen as Jeremy breaks down the various CMMC paths that organizations can follow. Jeremy reminds us that CMMC compliance can vary significantly from one organization to another, and his role is to assist Organizations Seeking Certification in navigating the multitude of options and finding the best path that suits their specific needs and goals.
Throughout the month, we'll be featuring Subject Matter Experts in the world of CMMC. These are the leaders who are actively engaged in safeguarding sensitive data within our ecosystem. Join us to learn about their roles, their history working with the Department of Defense, and their insights into the impact that CMMC will have. Together, we can strengthen our cybersecurity defenses and protect what matters most.
Listen in at redspin.com or your favorite podcast platform.
-
Celebrate Cybersecurity Awareness Month with Redspin! We're here to guide you through CMMC (Cybersecurity Maturity Model Certification). To mark this important month, we'll be shining a spotlight on our CMMC guides each week.
In this episode, we're excited to introduce Tara Leimeux, known as the "Princess of CMMC". Tune in to discover the inspiration behind her passion and gain a deeper understanding of the dedication and hard work that has propelled CMMC to where it is today.
Throughout the month, we'll be featuring Subject Matter Experts in the world of CMMC. These are the leaders who are actively engaged in safeguarding sensitive data within our ecosystem. Join us to learn about their roles, their history working with the Department of Defense, and their insights into the impact that CMMC will have. Together, we can strengthen our cybersecurity defenses and protect what matters most.
Listen in at redspin.com or your favorite podcast platform.
-
Welcome to Cyberspin, a podcast by Redspin. This podcast is your go-to resource for gaining valuable insights into the world of Cybersecurity Maturity Model Certification, commonly known as CMMC. Listen in as our experts navigate crucial CMMC updates, emerging trends, key challenges, best practices, and much more. Tune in at redspin.com or your favorite podcast platform.
-
Dr. Thomas Graham and Robert Teague chat about the latest updates and announcements regarding the Cybersecurity Maturity Model Certification (CMMC). Tune is as the two discuss the accidental release of CMMC Level 3 draft, recent rulemaking progress with CMMC now in the hands of OIRA, and give us a glimpse of what lies ahead for CMMC internationally. Listen now to stay informed about the evolving landscape of CMMC and its impact on organizations seeking certification.
Subscribe to CyberSpin: Apple iTunes, Spotify, Stitcher, or your preferred podcast platform. New episodes are released every other week and a transcript of each episode can be found at redspin.com.
Do you have a question, topic, or idea you’d like us to address on this podcast? Send us an email [email protected] and we will do our best to cover it in our upcoming episodes!
-
We unravel the world of Managed Services and their role in Cybersecurity Maturity Model Certification (CMMC). Explore the dynamic landscape of Managed Services, focusing on security and cloud solutions tailored to meet your CMMC needs.
Whether you're grappling with limited IT staff, budget constraints, or with on-premises systems, Managed Services offer a solution to your pain points. Learn how Managed Services providers, like us at Redspin, with their expertise in CMMC, security and IT, can be the missing piece in your CMMC puzzle.
Subscribe to CyberSpin: Apple iTunes, Spotify, Stitcher, or your preferred podcast platform. New episodes are released every other week and a transcript of each episode can be found at redspin.com.
Do you have a question, topic, or idea you’d like us to address on this podcast? Send us an email [email protected] and we will do our best to cover it in our upcoming episodes!
-
Join Redspin's Rob Teague and Thomas Graham, along with special guests Chandler Hall and Steve Pratt from Sentar, as they demystify CMMC documentation compliance in this episode.
Discover the critical role of documentation for OSCs and its significance in the CMMC process. Our experts define documentation in the context of CMMC and unravel its constant evolution. Delve into SSPS and its key components, including high-level ODPs, policies and procedures, CUI data flow diagram, asset inventory, and system description.
Unlock insights from C3PAOs, emphasizing practices over objectives, and learn the benefits of working with MSPs and RPOs. Explore opportunities to streamline and consolidate policies, plans, and procedures, finding the perfect balance between efficiency and excess.
Listen in as we crack the code of CMMC documentation compliance, and discover whether being lean is too mean or if bloat equals gloat. Tune in for a concise and enlightening exploration of this vital cybersecurity topic.
Subscribe to CyberSpin: Apple iTunes, Spotify, Stitcher, or your preferred podcast platform. New episodes are released every other week and a transcript of each episode can be found at redspin.com.
Do you have a question, topic, or idea you’d like us to address on this podcast? Send us an email [email protected] and we will do our best to cover it in our upcoming episodes!
-
In this episode, we're going to dive into a topic that has been making waves in the CMMC community - the updates introduced in NIST 800-171 Revision 3 and explore the significant impact for organizations seeking Cybersecurity Maturity Model Certification (CMMC) certification.
Join us as we navigate through the key changes and enhancements introduced in Revision 3 and how they shape the landscape of CMMC. We discuss the updates, the expanded scope, timeline, and the implications for organizations seeking CMMC certification.
Through this discussion and expert analysis, Dr. Thomas Graham and Robert Teague shed light on the significance of this update, providing valuable insights for businesses and individuals navigating CMMC. Tune in to gain a deeper understanding of the new NIST 800-171 Revision 3 and its far-reaching implications for CMMC.
Subscribe to CyberSpin: Apple iTunes, Spotify, Stitcher, or your preferred podcast platform. New episodes are released every other week and a transcript of each episode can be found at redspin.com.
Do you have a question, topic, or idea you’d like us to address on this podcast? Send us an email [email protected] and we will do our best to cover it in our upcoming episodes!
-
In this episode Matt Travis, CEO of the Cyber AB joins us to discuss the latest updates and processes in the Cybersecurity Maturity Model Certification (CMMC) rulemaking timeline, as of March 3rd, 2023.
Matt breaks down what the proposed rule looks like, how long it will take before its finalized, and more.
Whether you're leading your organizations CMMC efforts, are a C3PAO, or simply following along with this important cybersecurity initiative, this episode provides valuable insights into the CMMC ecosystem. Tune in to stay ahead of the curve in safeguarding your organization's critical data.
Subscribe to CyberSpin: Apple iTunes, Spotify, Stitcher, or your preferred podcast platform. New episodes are released every other week and a transcript of each episode can be found at redspin.com.
Do you have a question, topic, or idea you’d like us to address on this podcast? Send us an email [email protected] and we will do our best to cover it in our upcoming episodes!
-
This episode addresses one topic taken from our top ten list of most common failed practices from the CMMC & DIBCAC High assessments.
Today we discuss Non-Federal Organization (NFO) controls, where Appendix E comes into play, updates on the NIST 800-171 rev.3 announcement, and dig a little into cybersecurity strategy.
Subscribe to CyberSpin: Apple iTunes, Spotify, Stitcher, or your preferred podcast platform. New episodes are released every other week and a transcript of each episode can be found at redspin.com.
Do you have a question, topic, or idea you’d like us to address on this podcast? Send us an email [email protected] and we will do our best to cover it in our upcoming episodes!
-
This episode addresses one topic taken from our top ten list of most common failed practices from the CMMC & DIBCAC High assessments.
Today we discuss your CMMC (and DFARS) requirements around Incident response, how to address the problem of limited resources for small and medium-sized businesses, and cover what actually makes a good communications/response plan.
Subscribe to CyberSpin: Apple iTunes, Spotify, Stitcher, or your preferred podcast platform. New episodes are released every other week and a transcript of each episode can be found at redspin.com.
Do you have a question, topic, or idea you’d like us to address on this podcast? Send us an email [email protected] and we will do our best to cover it in our upcoming episodes!
-
This episode addresses one topic taken from our top ten list of most common failed practices from the CMMC & DIBCAC High assessments.
Logging plays a major role in protecting an organization's CUI and FCI because it detects malicious activity. This episode highlights logging best practices, learned by Redspin, the first Authorized CMMC C3PAO. Rob and Thomas talk through your logging options (to perform them manually, or use a new/existing SIEM?), what your program needs to include to meet requirements, and what evidence you need to be prepared to provide during an assessment.
Subscribe to CyberSpin: Apple iTunes, Spotify, Stitcher, or your preferred podcast platform. New episodes are released every other week and a transcript of each episode can be found at redspin.com.
Do you have a question, topic, or idea you’d like us to address on this podcast? Send us an email [email protected] and we will do our best to cover it in our upcoming episodes!
-
This episode addresses one topic taken from our top ten list of most common failed practices from the CMMC & DIBCAC High assessments.
The documentation episode, where we address some of Redspin's most common questions like: Do I need documentation for every domain? How long should your SSP be? Why do we need documentation, and do we still need it with CMMC 2.0? Listen in as Rob and Thomas walk through the documentation requirement, what to expect during an assessment, important documentation aspects you can't afford to miss, and where to turn when you don't know where to begin (we have templates!).
Subscribe to CyberSpin: Apple iTunes, Spotify, Stitcher, or your preferred podcast platform. New episodes are released every other week and a transcript of each episode can be found at redspin.com.
Do you have a question, topic, or idea you’d like us to address on this podcast? Send us an email [email protected] and we will do our best to cover it in our upcoming episodes!
-
Redspin's CMMC experts are back to highlight the recent news announcing the start of joint C3PAO and DIBCAC assessments! During the CMMC AB Townhall on July 26th, 2022 it was announced that the first set of certifications will kick off as a joint surveillance program with C3PAOs and DIBCAC.
Representing one of the first C3PAOs conducting a joint DIBCAC HIGH assessment, Redspin's Thomas Graham walks us through what the first four assessments will look like, what the relationship between the OSC and C3PAO will look like during these assessments, and will discuss the goal of DIBCAC High. Our experts will also discuss what happens to DIBCAC Joint assessments once CMMC is live and active. Rob Teague reviews what a joint assessment is, what the current projected course is for CMMC finalization, and last Ross Piper covers the release of the CAP.
Do you have a question you’d like us to address on this podcast, or would you like to connect with us at an upcoming conference? Send us an email at [email protected].
Subscribe to CyberSpin: Apple iTunes, Spotify, Stitcher, or your preferred podcast platform.
- Visa fler
