Cyberspin

In this special Halloween edition of CMMC Connect, the Redspin team swapped their suits for costumes and dove into what’s next as CMMC Phase 1 officially begins on November 10.

Join Dr. Thomas Graham, Jeremy Mares, Rob Teague, and Phil Conrad, hosted by Lauren Frickle, as they unpack:

• Why November 10 marks the start of CMMC, not the finish line

• What to do before the rollout — including updating your SPRS scores

• When servi...

CMMC timelines, DFARS 7025, FedRAMP CRM responsibilities, interim compliance signals, and what’s next for NIST 800-171 Rev. 3, our team of CMMC Certified Assessors (CCAs) covered the hottest questions the DIB is asking right now. If you’re aiming for Level 2 or fielding customer requests for proof of certification in Phase 1, this conversation is your quick-hit guide to what matters most.

CMMC Connect happens ever...

The long-awaited final 48 CFR DFARS 7021 rule has dropped, and CMMC is officially headed into contracts. In this special live call-in edition of Cyberspin, the Redspin team gives their quick breakdown to the finalized rule before answering audience questions on everything from SSO/MFA and joint ventures to whether small contractors can realistically achieve Level 2 certification. We also dive into separation of duties, prime pressu...

In this live CMMC Connect session, Redspin’s experts tackle audience questions head-on: How soon after 48 CFR finalization will CMMC Level 2 show up in contracts? What’s the best way to secure printers in hybrid work environments? And what happens when CMMC shortfalls trigger False Claims Act investigations? Tune in for real-world answers, practical tips, and a candid look at the signals DoD contractors can’t afford to miss.

CMMC...

In this episode, we unpack one of the most common questions in the CMMC space: What actually triggers a reassessment? From changes in CUI flow to infrastructure shifts and company acquisitions, we break down when you might need to re-certify—and what’s still awaiting clarity from the DoD.

We also share lessons learned from the field, including common missteps organizations are making in cloud environments. Misconfigured policies, ...

Big moves in CMMC rulemaking are happening, and the signals from DoD leadership are loud and clear. In this episode, we break down the recent milestone that sent 48 CFR to OIRA for final review, the critical July 18th memo from THEE Secretary of Defense, and what it all means for the Defense Industrial Base. We’ll talk terminology ("effective" vs. "enforceable"), and timelines for contractors.

Subscribe to Cyberspin on Apple iTun...

In this CMMC Connect replay episode, we dive into the most pressing questions facing the Defense Industrial Base right now. Kicking things off with a state-of-the-ecosystem update, our panel tackles the big-ticket items—how much CMMC actually costs, where we are in the implementation timeline, and how many assessments have already been completed. We also break down the current stats on authorized C3PAOs and certified professionals...

This month, our expert panel tackles the real-world challenges of CMMC compliance, from getting started and surviving assessments to sustaining success. We break down training must-haves, insider threat risks, MFA requirements, retroactive CUI headaches, and how tools like VDI and FedRAMP fit into your strategy. Tune in for practical tips, pitfalls to avoid, and audience Q&A that dives into the details you actually care about.

• Preparing for CMMC assessments
• The implications of using AI in compliance
• Requirements for cloud services.

The session also addresses common questions regarding vulnerability data, SPRS compliance, and th...

This month, we break down the FAR CUI proposed rule and what it means for your CMMC readiness. Our experts, Phil, Les, Dr. Thomas, Rob, and Jeremy, tackle key topics, including:

• Security awareness training – Who needs it and why?
• Reporting requirements – What’s changing and how to stay compliant.
• Assessment costs – What impacts pricing and how to save money.
• GRC tools & cloud compliance – Choosing the right solutions.

They discuss the surprises in the recently published proposed FAR CUI rule, the status of the 48 CFR rule (CMMC in contracts) and when to expect it to be finalized, as well as what CMMC Level 3 means for the Defense Industrial Base (DIB) and where to start.

...

In this episode of Cyberspin, we bring you a replay of December’s CMMC Connect session, featuring an engaging discussion with our CCPs and CCAs: Jeremy Meyers, Rob Teague, Dr. Thomas Graham, and Belen Coleman. The team tackles audience questions, dives into the implications of the finalized and in effect 32 CFR rule, and explores practical strategies for achieving and maintaining CMMC compliance.

Key topics include:

• Prepari...

In this special episode, Robert Hill, CEO at Cyturus, shares the inside scoop from his discussion with Representative Gary Palmer’s staff about Palmer’s joint resolution disapproving the CMMC rule.

Learn what this resolution means for DoD contractors, how it could impact compliance efforts, and why staying focused on the path to compliance is more important than ever.

Listen to clarify the implications and next steps for navi...

This episode shares October’s CMMC Connect session, which features special guest Matt King, Belcan's Chief Security and Data Officer, alongside Jeremy Mares and Robert Teague from Redspin.

The team breaks down the latest CMMC updates, including insights on the finalized 32 CFR timeline, tips for defining CUI, and new requirements for MSP and ESP certifications.

They also tackle audience questions on key topics like scoping, trainin...