Climbing Mount CMMC
Our podcast is dedicated to supporting MSPs/MSSPs and the companies that engage with them. We aim to maintain transparency throughout our journey, especially as we pursue our level two certification. While only a few MSPs are actively participating, we hope this podcast will inspire more involvement. We are also excited to announce that we will have guests on our podcast who are professional in their fields. These guests include Brian Hubbard, Joy Beland, Amira Armond and many more.
Episodes
In this episode, Kaleigh Floyd and Bobby Guerra discuss the complexities of navigating CMMC Level 2 certification and assessments, particularly focusing on the role of Managed Service Providers (MSPs). They explore the challenges faced by small MSPs, the importance of documentation, and the intricacies of the assessment process. The conversation emphasizes the need for MSPs to be well-prepared and knowledgeable to effectively suppo...
In this episode of Climbing Mount CMMC, Kaleigh and Bobby delve into the intricacies of vulnerability scanning, particularly in the context of CMMC Level 2 compliance for Managed Service Providers (MSPs). They discuss the challenges of vulnerability management, the importance of selecting appropriate tools, and the complexities involved in implementing effective scanning processes. The conversation emphasizes the need for clear doc...
In this episode, Bobby and Kaleigh discuss the complexities of navigating the Defense Industrial Base (DIB) space, particularly focusing on the Cybersecurity Maturity Model Certification (CMMC) assessments. They explore the challenges faced by organizations in understanding and complying with CMMC requirements, the importance of effective communication with C3PAOs, and the necessity of thorough preparation for assessments. The conv...
48 CFR IS HERE! And we have a lot to talk about.
In this episode, Bobby and Kaleigh discuss the recent release of 48 CFR and its implications for contractors and subcontractors working with the Department of Defense (War). They explore the significance of the new regulations, the phased rollout strategy, and the importance of CMMC unique identifiers (UIDs). The conversation highlights the risks associated with non-compliance and th...
In this episode, Kaleigh and Bobby discuss the critical role of data flow diagrams in system security plans, particularly in the context of CMMC compliance. They explore the importance of understanding data flow, identifying sources and users, and ensuring proper sanitization of controlled unclassified information (CUI). The conversation emphasizes the need for organizations to be aware of how data flows through their systems and t...
In this episode, Kaleigh and Bobby delve into the intricacies of Customer Responsibility Matrices (CRMs) within the context of CMMC compliance. They discuss the importance of having a well-defined CRM, the relationship between CRMs and service agreements, and how these elements play a crucial role in assessments. The conversation emphasizes the need for clarity in responsibilities, the role of Managed Service Providers (MSPs), and ...
This protips podcast episode is extra special! It includes clips from our webinar delving into the intricacies of system security plans (SSPs), emphasizing their critical role in organizational security and compliance with NIST 800.171 and CMMC standards. The discussion covers the importance of scoping, defining system boundaries, managing data flow, and detailing security controls. It also highlights the necessity of well-defined ...
In this episode, Kaleigh interviews Dy Edington, the Director of Information Security at AV (formally BlueHalo), about her journey through the CMMC Level 2 assessment. Dy shares insights on the importance of leadership buy-in, team collaboration, and the challenges faced during implementation. She emphasizes the significance of documentation, training, and continuous improvement in maintaining compliance. She also offers valuable a...
In this first episode of Season 4 of Climbing Mount CMMC, Bobby and Kaleigh discuss the intricacies of Plans of Action and Milestones (POA&Ms) in the context of compliance with CMMC and NIST standards. They explore the historical misuse of POA&Ms, the new regulations that have been implemented, and the importance of creating effective POA&Ms. The conversation also touches on the role of operational plans of action (OPAs...
*Spoiler Alert*
CMMC is real and it's happening right now.
In this episode, Kaleigh Floyd and Bobby Guerra discuss the critical aspects of CMMC compliance for contractors, addressing common questions and concerns. They explore the differences between CMMC Level 1 and Level 2, the importance of legal guidance, and the necessity of understanding controlled unclassified information (CUI). The conversation emphasizes the need for p...
In this episode, Bobby and Kaleigh discuss five significant changes they believe could be made to the CMMC ecosystem. They explore the thought of C3PAOs to providing recommendations after assessments, the possibility of allowing organizations to pass with a score of 88, and the importance of having a C3PAO assessment process for MSPs. They also emphasize the need for yearly reviews instead of full assessments and the challenges pos...
In this episode, Kaleigh Floyd and Bobby Guerra discuss the complexities of adopting CMMC (Cybersecurity Maturity Model Certification) from both the MSP and client perspectives. They explore the challenges organizations face in implementing CMMC, the importance of client education, and the need for a structured approach to change management. The conversation emphasizes the necessity of leadership buy-in and the scalability of proce...
In this episode, Kaleigh and Bobby discuss the complexities of CMMC documentation with Tom Conkle from Optic Cyber Solutions. They explore the challenges of writing effective System Security Plans (SSPs) and Customer Responsibility Matrices (CRMs), emphasizing the importance of viewing these documents as management tools rather than mere compliance checkboxes. The conversation highlights common pitfalls organizations face, the sign...
In this episode, Kaleigh Floyd and Bobby Guerra delve into the complexities of inheritance within the CMMC framework, particularly focusing on the role of external service providers (ESPs) and the responsibilities of organizations seeking assessment (OSA). They discuss the importance of system security plans, the nuances of the CMMC assessment process, and the challenges faced by managed service providers (MSPs) in navigating inher...
In this episode, Kaleigh and Bobby discuss the complexities of scaling CMMC for Managed Service Providers (MSPs). They explore the challenges of compliance, the importance of tools, and the necessity of having structured operational and sales strategies. The conversation also delves into the 'Four Horsemen' of compliance, which are critical for maintaining security and compliance standards. Finally, they emphasize the imp...
In this episode, Bobby and Kaleigh discuss the challenges and strategies of marketing within the CMMC space. Kaleigh shares her journey of transitioning into this niche market, emphasizing the importance of building a reputation, understanding client needs, and maintaining transparency throughout the sales process. They explore the significance of effective communication, the necessity of educating clients about CMMC, and the balan...
In this episode, Bobby and Kaleigh explore the CyberAB ecosystem, focusing on the various roles and certifications within the CMMC framework. They discuss the importance of understanding the distinctions between Registered Practitioners (RP), Registered Practitioner Organizations (RPO), CMMC Certified Professionals (CCP), and CMMC Certified Assessors (CCA). The conversation also highlights the role of C3PAOs in conducting assessmen...
In this episode of Climbing Mount CMMC, hosts Kaleigh Floyd and Bobby Guerra delve into the intricacies of Customer Responsibility Matrices (CRMs) and their significance in CMMC compliance. They discuss the definition of CRMs, their importance in defining responsibilities between customers and service providers, and the essential components needed to create an effective CRM. The conversation emphasizes the need for clarity in respo...
In this episode of Climbing Mount CMMC, hosts Kaleigh Floyd and Bobby Guerra engage with Chris and Hannah Silvers, a father-daughter duo from CG Silver's Consulting. They discuss their journey in the cybersecurity field, the challenges and dynamics of CMMC, and the importance of community and collaboration in navigating this complex landscape. The conversation highlights the unique challenges faced by MSPs in adapting to CMMC ...
In this episode, Kaleigh Floyd and Bobby Guerra discuss the critical issue of false starts in CMMC assessments, emphasizing the importance of proper documentation and preparation. They explore the phases of CMMC assessments, the consequences of failing to meet requirements, and the necessity of seeking help from consultants. The conversation highlights the significance of mock assessments and understanding the roles of external ser...
Popular Podcasts
I’m Jay Shetty host of On Purpose the worlds #1 Mental Health podcast and I’m so grateful you found us. I started this podcast 5 years ago to invite you into conversations and workshops that are designed to help make you happier, healthier and more healed. I believe that when you (yes you) feel seen, heard and understood you’re able to deal with relationship struggles, work challenges and life’s ups and downs with more ease and grace. I interview experts, celebrities, thought leaders and athletes so that we can grow our mindset, build better habits and uncover a side of them we’ve never seen before. New episodes every Monday and Friday. Your support means the world to me and I don’t take it for granted — click the follow button and leave a review to help us spread the love with On Purpose. I can’t wait for you to listen to your first or 500th episode!
If you've ever wanted to know about champagne, satanism, the Stonewall Uprising, chaos theory, LSD, El Nino, true crime and Rosa Parks, then look no further. Josh and Chuck have you covered.
Current and classic episodes, featuring compelling true-crime mysteries, powerful documentaries and in-depth investigations. Follow now to get the latest episodes of Dateline NBC completely free, or subscribe to Dateline Premium for ad-free listening and exclusive bonus content: DatelinePremium.com
My Favorite Murder is a true crime comedy podcast hosted by Karen Kilgariff and Georgia Hardstark. Each week, Karen and Georgia share compelling true crimes and hometown stories from friends and listeners. Since MFM launched in January of 2016, Karen and Georgia have shared their lifelong interest in true crime and have covered stories of infamous serial killers like the Night Stalker, mysterious cold cases, captivating cults, incredible survivor stories and important events from history like the Tulsa race massacre of 1921. My Favorite Murder is part of the Exactly Right podcast network that provides a platform for bold, creative voices to bring to life provocative, entertaining and relatable stories for audiences everywhere. The Exactly Right roster of podcasts covers a variety of topics including historic true crime, comedic interviews and news, science, pop culture and more. Podcasts on the network include Buried Bones with Kate Winkler Dawson and Paul Holes, That's Messed Up: An SVU Podcast, This Podcast Will Kill You, Bananas and more.
The World's Most Dangerous Morning Show, The Breakfast Club, With DJ Envy, Jess Hilarious, And Charlamagne Tha God!