Location:

United States

Description:

A podcast to help you navigate CMMC.

Twitter:

@RedspinInc

Language:

English

Contact:

5128034668


Episodes
Ask host to enable sharing for playback control

Understanding Rep. Gary Palmer's Joint Resolution Against the CMMC Rule & Staying Focused on The CMMC Road Ahead

11/27/2024
In this special episode, Robert Hill, CEO at Cyturus, shares the inside scoop from his discussion with Representative Gary Palmer’s staff about Palmer’s joint resolution disapproving the CMMC rule. Learn what this resolution means for DoD contractors, how it could impact compliance efforts, and why staying focused on the path to compliance is more important than ever. Listen to clarify the implications and next steps for navigating this critical moment in the defense industrial base. Subscribe to Cyberspin on Apple iTunes, Spotify, or your preferred podcast platform. You can always stream the latest episodes at redspin.com.

Duration:00:21:38

Ask host to enable sharing for playback control

November CMMC Connect: MSPs, Security Assets, the Cap, Unsupported Systems, MFA, CUI, FIPS, Visitor Controls, and of Course (and always) Documentation!

11/25/2024
This conversation is a replay of Redspin's November 2024, CMMC Connect Q&A session. The conversation covers various aspects of the CMMC process, including boundary considerations, asset definitions, and strategies for preparing for assessments. The speakers (some who are live from the Cyber AB's CEIC Conference) provide insights into the latest updates on the new CMMC Assessment Process (CAP) release, how Managed Service Providers (MSPs) can prepare for Level 2, and best practices for making the assessment process smoother. They also discuss the challenges of handling unsupported operating systems and the importance of risk management in these scenarios. This conversation delves into various aspects of CMMC compliance, including the necessity of MFA for Wi-Fi access and the handling of CUI in different contexts. The discussion also covers the importance of background checks for third-party employees, the management of visitor controls in research environments, and updates on compliance processes and requirements such as FIPS validation. The panelists emphasize the need for thorough documentation and due diligence in maintaining compliance standards. Subscribe to Cyberspin on Apple iTunes, Spotify, or your preferred podcast platform. You can always stream the latest episodes at redspin.com.

Duration:00:47:09

Ask host to enable sharing for playback control

October CMMC Connect: Updates and Guidance with Matt King!

11/4/2024
This episode shares October’s CMMC Connect session, which features special guest Matt King, Belcan's Chief Security and Data Officer, alongside Jeremy Mares and Robert Teague from Redspin. The team breaks down the latest CMMC updates, including insights on the finalized 32 CFR timeline, tips for defining CUI, and new requirements for MSP and ESP certifications. They also tackle audience questions on key topics like scoping, training, DIBCAC High certification (JSVAP), and much more. Whether you’re a defense contractor or cybersecurity professional, this episode offers valuable insights into navigating CMMC requirements. Subscribe to Cyberspin on Apple iTunes, Spotify, or your preferred podcast platform. You can always stream the latest episodes at redspin.com.

Duration:00:55:00

Ask host to enable sharing for playback control

Navigating the CMMC Final Rule

10/15/2024
Rob Teague and the team discuss the anticipated 32 CFR final rule. They explore initial key takeaways from the rule, including changes in certification processes for external service providers, DIBCAC-High assessments, the appeals process, record retention requirements, and the impact of mergers and acquisitions on certification. Rob, Dr. Thomas Graham, and Jeremy Mares emphasize the importance of acting quickly to navigate the upcoming certification landscape and address the challenges posed by potential assessment backlogs. Subscribe to Cyberspin on Apple iTunes, Spotify, or your preferred podcast platform. You can always stream the latest episodes at redspin.com.

Duration:00:22:31

Ask host to enable sharing for playback control

September CMMC Connect: In the Cloud, Timelines, and Small Businesses

9/30/2024
This episode is a replay of the latest CMMC Connect session, where we tackle critical updates on CMMC rulemaking, public comments, and timelines. It features insights from the "Queen of CMMC" Tara Lemieux, Rob Teague, who joins us live from NCS, and cloud security expertise from Steve Akers. We dive into essential tips for compliance, Cloud environments, the 48 CFR rule, and what small businesses need to know as 2025 approaches. Don't miss this deep dive into CMMC and the chance to prepare for what’s next. Subscribe to Cyberspin on Apple iTunes, Spotify, or your preferred podcast platform. You can always stream the latest episodes at redspin.com.

Duration:00:50:52

Ask host to enable sharing for playback control

August CMMC Connect: Timelines, Strategies for SMBs, Cloud Environments, etc...

9/3/2024
In this month's episode, we revisit the August CMMC Connect session, where Jeremy, Thomas, and Rob discuss the latest updates and questions surrounding the Cybersecurity Maturity Model Certification (CMMC). Tune in as we cover key topics, including the anticipated timeline for CMMC certification requirements, recent developments like the 32 CFR and 48 CFR publications, and the cost implications for small businesses aiming for CMMC Level 2 certification. The panel also addresses the complexities of scoping CMMC compliance in cloud environments, the role of joint surveillance assessments, and how to navigate potential challenges in meeting compliance requirements. This episode is packed with actionable insights and answers to your most pressing CMMC questions, making it a must-listen for anyone involved in the defense industrial base (DIB) or interested in staying ahead of CMMC developments. Key Takeaways: Whether you're a prime contractor, subcontractor, or just getting started with CMMC, this episode provides valuable guidance on navigating the evolving landscape of cybersecurity compliance. Subscribe to Cyberspin on Apple iTunes, Spotify, or your preferred podcast platform. You can always stream the latest episodes at redspin.com.

Duration:00:35:36

Ask host to enable sharing for playback control

July CMMC Connect: Implementation Strategies, Sub/Supplier Readiness, CMMC for SMBs, and more

7/26/2024
As part of our CMMC Connect Series of the Cyberspin Podcast, this episode presents a replay of our latest CMMC Connect session. Listen as Jeremy Mares, Tara Lemieux, Dr. Thomas Graham, and Rob Teague as they tackle audience questions on essential CMMC topics: Subscribe to Cyberspin on Apple iTunes, Spotify, or your preferred podcast platform. You can always stream the latest episodes at redspin.com.

Duration:00:48:43

Ask host to enable sharing for playback control

June CMMC Connect: Timelines, Encryption, Flow-Down, CCP, and more

7/1/2024
In this episode of the Cyberspin Podcast's CMMC Connect Series, we present a replay of our latest CMMC Connect session. Join Tara Lemieux, Dr. Thomas Graham, and Rob Teague as they answer audience questions on key CMMC topics, including NIST 800-171 Rev. 3 timelines, the impact of encryption on CUI, prime-to-subcontractor flow-down requirements and responsibilities, CMMC Certified Professional (CCP) courses, and more. Tune in for key takeaways and best practices to help you navigate your CMMC journey effectively. Subscribe to Cyberspin on Apple iTunes, Spotify, or your preferred podcast platform. You can always stream the latest episodes at redspin.com.

Duration:00:34:53

Ask host to enable sharing for playback control

May CMMC Connect: Scoping, Info Sharing with Your Subs, Leadership Buy-In, and More

6/4/2024
In this episode of the Cyberspin Podcast: CMMC Connect Series, we bring you a replay of our latest CMMC Connect session. Join Dr. Thomas Graham, Jeremy Mares, and Rob Teague as they answer audience questions on critical CMMC topics, including how remote desktop affects scoping, the best ways to share information with subcontractors within compliance, and strategies for gaining leadership buy-in. Tune in for key takeaways and best practices to help you navigate your CMMC journey effectively. Subscribe to Cyberspin on Apple iTunes, Spotify, or your preferred podcast platform. You can always stream the latest episodes at redspin.com.

Duration:00:42:35

Ask host to enable sharing for playback control

The Prime’s Perspective on CMMC

4/16/2024
In this episode of Cyberspin, join Rob Teague and Dr. Thomas Graham as they talk CMMC with special guests, Jennifer Simpson, Sr. Director, of Corporate Cyber Assurance and Shari Pettersson Director, of Information Security Authorizations & Decisions (ISAD) at BAE Systems, Inc. Learn how BAE Systems, Inc. embarked on their CMMC journey early with a Joint Surveillance Voluntary Assessment (JSVA). From early preparations to final assessments, get an insider’s perspective on how one of the leading defense contractors navigates the complexities of CMMC, ensuring the security and compliance of their operations. This discussion sheds light on how to prepare for CMMC directly from a prime contractor who has taken early steps to demonstrate cybersecurity maturity through CMMC. Subscribe to Cyberspin on Apple iTunes, Spotify, or your preferred podcast platform. You can always stream the latest episodes at redspin.com.

Duration:00:21:12

Ask host to enable sharing for playback control

Small Cloud for Big Savings

4/11/2024
Contractors serving the DoD are in a constant battle to safeguard their data in compliance with the CMMC. Listen to this episode of Cyberspin as our experts explore how managed cloud services can accelerate the Cybersecurity Maturity Model Certification (CMMC) journey and how they are the fastest and easiest way to accommodate a segment of your organization that handles CUI data. Subscribe & Stream: Gear up for your CMMC journey with "Cyberspin," available on Apple iTunes, Spotify, and redspin.com. Subscribe for the latest insights on navigating your cybersecurity landscape.

Duration:00:16:39

Ask host to enable sharing for playback control

CMMC and Azure Cloud Misconceptions

3/26/2024
Contractors working with the Department of Defense (DoD) who store, process, and/or transmit CUI face a crucial challenge: ensuring that their technical security controls, documentation, policies, and processes are robust enough to meet the stringent demands of CMMC. With a range of Cloud offerings available, understanding how each aligns with CMMC standards can be quite a challenge. Listen as we tackle the most prevalent misconceptions surrounding Azure Cloud and its ability to satisfy CMMC requirements. We'll break down the differences between Azure Commercial 365, Government Community Cloud (GCC), and GCC High. You'll learn when it's appropriate to choose GCC over GCC High, especially concerning ITAR data considerations, and whether FIPS Encryption is adequately provided for the communication and storage of Controlled Unclassified Information (CUI) data. We'll also tackle the challenges that remote companies face in meeting CMMC's network criteria and explain why waiting until 2027 to address CMMC could be a misstep. Tune in as we debunk myths and shed light on the essential criteria that will help you navigate your CMMC journey. Subscribe to Cyberspin on Apple iTunes, Spotify, or your preferred podcast platform. You can always stream the latest episodes at redspin.com.

Duration:00:14:19

Ask host to enable sharing for playback control

The Why Behind CMMC, with Robert Hill, CEO of Cyturus

12/19/2023
In this episode, we sit down with Robert Hill, the Founder and CEO of Cyturus, to unravel the WHY behind the Cybersecurity Maturity Model Certification (CMMC). Our conversation kicks off with the pressing question: Why do small defense contractors need the same level of security as industry giants like Boeing and Raytheon? Robert Hill walks us through the tactical why, painting a vivid hypothetical scenario. Imagine a seemingly minor 4-millimeter adversarial change in the dimensions of a gasket from a subcontractor manufacturer. This breach has the potential to infect the Department of Defense like a virus, leading to the grounding of a warfighter jet and the potential to impact lives. The discussion extends beyond supply chain issues, delving into the critical need to protect intellectual property. Hill emphasizes that the true threat lies not just in information breaches but in the subsequent manipulation of data—a concept with long-term real-world implications. Join us as we explore the technical aspects. However, our conversation takes a turn as we point out CMMC is not merely about IT controls; it's about fostering a culture of cybersecurity. CMMC is not a checkbox compliance but a movement that requires business buy-in and a deep understanding of the WHY. Tune in to gain insights into the world of cybersecurity, understand the genuine need to protect national defense information, and recognize that CMMC is more than compliance—it's a cybersecurity movement. Subscribe to Cyberspin on Apple iTunes, Spotify, or your preferred podcast platform. You can always stream the latest episodes at redspin.com.

Duration:00:29:16

Ask host to enable sharing for playback control

Your CMMC Guide: Dr. Thomas Graham, VP, CISO, & CMMC Assessor/Instructor at Redspin

10/31/2023
Celebrate Cybersecurity Awareness Month with Redspin! We’re here to guide you through CMMC (Cybersecurity Maturity Model Certification). To mark this important month, we’ll be shining a spotlight on our CMMC guides each week. In this episode, we're excited to introduce Dr. Thomas Graham, a seasoned professional with a unique perspective on the world of cybersecurity, particularly from a Department of Defense (DoD) lens. With experience spanning the DHA, Navy medicine, from the governance perspective, and even a Federal Health IT Award-winning team, Thomas is well-equipped to shed light on the intricacies of this critical field. Join us as we uncover the historical roots of Controlled Unclassified Information (CUI) and "read the tea leaves" of the Cybersecurity Maturity Model Certification (CMMC), positioning itself as a unifying force for cybersecurity requirements across various government agencies. Thomas, an expert in discerning the nuances of language, shares his insights into the future of CMMC and its potential impact on the DoD and other federal agencies. Subscribe to Cyberspin on Apple iTunes, Spotify, or your preferred podcast platform. You can always stream the latest episodes at redspin.com.

Duration:00:09:01

Ask host to enable sharing for playback control

Your CMMC Guide: John Fitch, Azure CMMC Architect at Redspin

10/24/2023
Celebrate Cybersecurity Awareness Month with Redspin! We're here to guide you through CMMC (Cybersecurity Maturity Model Certification). To mark this important month, we'll be shining a spotlight on our CMMC guides each week. In this episode, we chat with John Fitch, Azure expert who works with OSCs in building a secure encalve. John emphasizes CMMC offers significant value to both large and small contractors. It effectively safeguards against advanced persistent threats (APTs), particularly those targeting sensitive national information. Unlike a mere compliance checklist, CMMC prioritizes accountability making it a valuable addition to the future of national cybersecurity. Throughout the month, we'll be featuring Subject Matter Experts in the world of CMMC. These are the leaders who are actively engaged in safeguarding sensitive data within our ecosystem. Join us to learn about their roles, their history working with the Department of Defense, and their insights into the impact that CMMC will have. Together, we can strengthen our cybersecurity defenses and protect what matters most. Listen in at redspin.com or your favorite podcast platform.

Duration:00:03:53

Ask host to enable sharing for playback control

Your CMMC Guide: Robert Teague, Director of CMMC Services at Redspin

10/17/2023
Celebrate Cybersecurity Awareness Month with Redspin! We're here to guide you through CMMC (Cybersecurity Maturity Model Certification). To mark this important month, we'll be shining a spotlight on our CMMC guides each week. This week, Robert Teague explains the intricacies of the assessment process, shedding light on how he assists individuals in preparing for assessment and interviews. Not only does he play a pivotal role within the greater CMMC ecosystem, but he also emphasizes the importance of maintaining the confidentiality of critical information, which is crucial to safeguarding the nation's security in an era where adversaries seek to exploit vulnerabilities and develop countermeasures. This episode underscores the transition effect of CMMC from a reactive cybersecurity standpoint to a proactive cybersecurity approach. Teague's passion and firsthand experience play a vital role in securing this complex puzzle of national defense. Throughout the month, we'll be featuring Subject Matter Experts in the world of CMMC. These are the leaders who are actively engaged in safeguarding sensitive data within our ecosystem. Join us to learn about their roles, their history working with the Department of Defense, and their insights into the impact that CMMC will have. Together, we can strengthen our cybersecurity defenses and protect what matters most. Listen in at redspin.com or your favorite podcast platform.

Duration:00:09:51

Ask host to enable sharing for playback control

Katie Arrington: CMMC Is the Reality Wake Up Call We All Need

10/12/2023
In this episode, we have the privilege of hosting a true luminary in the fields of politics, defense, and entrepreneurship - the remarkable Katie Arrington. From her pivotal role as the CISO of the Department of Defense (DoD) where she helped launch the Cybersecurity Maturity Model Certification (CMMC), to her representation of South Carolina's 94th district, Katie Arrington is a force to be reckoned with. Throughout this candid conversation, Katie opens up about her concerns with the CMMC framework, the clever intent of adversaries, the very real and serious cyber threats our country faces, and why CMMC plays a bigger role than most understand at this point in the game. Tune in and listen as Katie Arrington provides perspective on the world of cybersecurity, defense, and the profound impact they have on our nation's security and business landscape. Her advocacy for national defense will leave you with a deeper understanding of the challenges and opportunities in this ever-evolving domain. This is an episode you won't want to miss! Subscribe to Cyberspin on Apple iTunes, Spotify, or your preferred podcast platform. You can always stream the latest episodes at redspin.com.

Duration:00:37:38

Ask host to enable sharing for playback control

Your CMMC Guide: Jeremy Mares, VP of Federal Accounts - CMMC at Redspin

10/9/2023
Celebrate Cybersecurity Awareness Month with Redspin! We're here to guide you through CMMC (Cybersecurity Maturity Model Certification). To mark this important month, we'll be shining a spotlight on our CMMC guides each week. In this episode, we're thrilled to introduce Jeremy Mares, the first guide you will likely meet on your journey through CMMC. Listen as Jeremy breaks down the various CMMC paths that organizations can follow. Jeremy reminds us that CMMC compliance can vary significantly from one organization to another, and his role is to assist Organizations Seeking Certification in navigating the multitude of options and finding the best path that suits their specific needs and goals. Throughout the month, we'll be featuring Subject Matter Experts in the world of CMMC. These are the leaders who are actively engaged in safeguarding sensitive data within our ecosystem. Join us to learn about their roles, their history working with the Department of Defense, and their insights into the impact that CMMC will have. Together, we can strengthen our cybersecurity defenses and protect what matters most. Listen in at redspin.com or your favorite podcast platform.

Duration:00:05:58

Ask host to enable sharing for playback control

Your CMMC Guide: Tara Leimeux, CMMC Consultant at Redspin

10/3/2023
Celebrate Cybersecurity Awareness Month with Redspin! We're here to guide you through CMMC (Cybersecurity Maturity Model Certification). To mark this important month, we'll be shining a spotlight on our CMMC guides each week. In this episode, we're excited to introduce Tara Leimeux, known as the "Princess of CMMC". Tune in to discover the inspiration behind her passion and gain a deeper understanding of the dedication and hard work that has propelled CMMC to where it is today. Throughout the month, we'll be featuring Subject Matter Experts in the world of CMMC. These are the leaders who are actively engaged in safeguarding sensitive data within our ecosystem. Join us to learn about their roles, their history working with the Department of Defense, and their insights into the impact that CMMC will have. Together, we can strengthen our cybersecurity defenses and protect what matters most. Listen in at redspin.com or your favorite podcast platform.

Duration:00:07:48

Ask host to enable sharing for playback control

Welcome to Cyberspin

9/28/2023
Welcome to Cyberspin, a podcast by Redspin. This podcast is your go-to resource for gaining valuable insights into the world of Cybersecurity Maturity Model Certification, commonly known as CMMC. Listen in as our experts navigate crucial CMMC updates, emerging trends, key challenges, best practices, and much more. Tune in at redspin.com or your favorite podcast platform.

Duration:00:00:40