Cyberspin

This month, our expert panel tackles the real-world challenges of CMMC compliance, from getting started and surviving assessments to sustaining success. We break down training must-haves, insider threat risks, MFA requirements, retroactive CUI headaches, and how tools like VDI and FedRAMP fit into your strategy. Tune in for practical tips, pitfalls to avoid, and audience Q&A that dives into the details you actually care about.

...

A long time ago (okay, April 24, 2025), in an ecosystem not so far away… Redspin hosted a CCA and CCP Q&A packed with practical advice for navigating CMMC compliance. Topics spanned NIST 800-171 Rev. 3 updates, ERP system management, SSP maintenance, CUI handling in Azure GCC vs. GCC High, remote access security, and cost distribution across federal contracts.   Panelists also explored user privileges, FedRAMP equivalency, and ...

Insights from our CMMC Assessor team on:

• Preparing for CMMC assessments
• The implications of using AI in compliance
• Requirements for cloud services.

The session also addresses common questions regarding vulnerability data, SPRS compliance, and th...

This month, we cover important updates regarding CMMC compliance, including a JSVA update and Katie Arrington's return to the driver's seat.   Our panelists delve into the complexities of compliance with CUI regulations, the challenges of recovering costs in future contracts, and the importance of customer responsibility matrices in FedRAMP. It also addresses the nuances of CMMC compliance, particularly regarding subcontractor cha...

This month, we break down the FAR CUI proposed rule and what it means for your CMMC readiness. Our experts, Phil, Les, Dr. Thomas, Rob, and Jeremy, tackle key topics, including:

• Security awareness training – Who needs it and why?
• Reporting requirements – What’s changing and how to stay compliant.
• Assessment costs – What impacts pricing and how to save money.
• GRC tools & cloud compliance – Choosing the right solutions.

In this episode, the Redspin team of Certified CMMC Assessors (CCAs) gets together to break down the latest updates and buzz in the CMMC ecosystem.  

They discuss the surprises in the recently published proposed FAR CUI rule, the status of the 48 CFR rule (CMMC in contracts) and when to expect it to be finalized, as well as what CMMC Level 3 means for the Defense Industrial Base (DIB) and where to start.

...

In this episode of Cyberspin, we bring you a replay of December’s CMMC Connect session, featuring an engaging discussion with our CCPs and CCAs: Jeremy Meyers, Rob Teague, Dr. Thomas Graham, and Belen Coleman. The team tackles audience questions, dives into the implications of the finalized and in effect 32 CFR rule, and explores practical strategies for achieving and maintaining CMMC compliance.

Key topics include:

• Prepari...

In this special episode, Robert Hill, CEO at Cyturus, shares the inside scoop from his discussion with Representative Gary Palmer’s staff about Palmer’s joint resolution disapproving the CMMC rule.

Learn what this resolution means for DoD contractors, how it could impact compliance efforts, and why staying focused on the path to compliance is more important than ever.

Listen to clarify the implications and next steps for navi...

This conversation is a replay of Redspin's November 2024, CMMC Connect Q&A session. The conversation covers various aspects of the CMMC process, including boundary considerations, asset definitions, and strategies for preparing for assessments.   The speakers (some who are live from the Cyber AB's CEIC Conference) provide insights into the latest updates on the new CMMC Assessment Process (CAP) release, how Managed Service Pro...

This episode shares October’s CMMC Connect session, which features special guest Matt King, Belcan's Chief Security and Data Officer, alongside Jeremy Mares and Robert Teague from Redspin.

The team breaks down the latest CMMC updates, including insights on the finalized 32 CFR timeline, tips for defining CUI, and new requirements for MSP and ESP certifications.

They also tackle audience questions on key topics like scoping, trainin...

Rob Teague and the team discuss the anticipated 32 CFR final rule. They explore initial key takeaways from the rule, including changes in certification processes for external service providers, DIBCAC-High assessments, the appeals process, record retention requirements, and the impact of mergers and acquisitions on certification.   Rob, Dr. Thomas Graham, and Jeremy Mares emphasize the importance of acting quickly to navigate the ...

This episode is a replay of the latest CMMC Connect session, where we tackle critical updates on CMMC rulemaking, public comments, and timelines. It features insights from the "Queen of CMMC" Tara Lemieux, Rob Teague, who joins us live from NCS, and cloud security expertise from Steve Akers.

We dive into essential tips for compliance, Cloud environments, the 48 CFR rule, and what small businesses need to know as 2025 approaches. Do...

In this month's episode, we revisit the August CMMC Connect session, where Jeremy, Thomas, and Rob discuss the latest updates and questions surrounding the Cybersecurity Maturity Model Certification (CMMC). 

Tune in as we cover key topics, including the anticipated timeline for CMMC certification requirements, recent developments like the 32 CFR and 48 CFR publications, and the cost implications for small businesses aiming for CMMC...

As part of our CMMC Connect Series of the Cyberspin Podcast, this episode presents a replay of our latest CMMC Connect session. Listen as Jeremy Mares, Tara Lemieux, Dr. Thomas Graham, and Rob Teague as they tackle audience questions on essential CMMC topics:

• CMMC Implementation strategies
• How to ensure suppliers and subcontractors protect sensitive data and are tackling CMMC
• Addressing requirements for small businesses...

In this episode of the Cyberspin Podcast's CMMC Connect Series, we present a replay of our latest CMMC Connect session. Join Tara Lemieux, Dr. Thomas Graham, and Rob Teague as they answer audience questions on key CMMC topics, including NIST 800-171 Rev. 3 timelines, the impact of encryption on CUI, prime-to-subcontractor flow-down requirements and responsibilities, CMMC Certified Professional (CCP) courses, and more.

Tun...

In this episode of the Cyberspin Podcast: CMMC Connect Series, we bring you a replay of our latest CMMC Connect session. Join Dr. Thomas Graham, Jeremy Mares, and Rob Teague as they answer audience questions on critical CMMC topics, including how remote desktop affects scoping, the best ways to share information with subcontractors within compliance, and strategies for gaining leadership buy-in.

Tune in for key takeaways and best p...

In this episode of Cyberspin, join Rob Teague and Dr. Thomas Graham as they talk CMMC with special guests, Jennifer Simpson, Sr. Director, of Corporate Cyber Assurance and Shari Pettersson Director, of Information Security Authorizations & Decisions (ISAD) at BAE Systems, Inc.

Learn how BAE Systems, Inc. embarked on their CMMC journey early with a Joint Surveillance Volu...

Contractors serving the DoD are in a constant battle to safeguard their data in compliance with the CMMC. Listen to this episode of Cyberspin as our experts explore how managed cloud services can accelerate the Cybersecurity Maturity Model Certification (CMMC) journey and how they are the fastest and easiest way to accommodate a segment of your organization that handles CUI data.

Subscribe & Stream: Gear up for your CMMC journe...