Cyberspin

In this episode, we unpack one of the most common questions in the CMMC space: What actually triggers a reassessment? From changes in CUI flow to infrastructure shifts and company acquisitions, we break down when you might need to re-certify—and what’s still awaiting clarity from the DoD.
We also share lessons learned from the field, including common missteps organizations are making in cloud environments. Misconfigured policies, inherited templates, and SSPs that don’t reflect reality are tripping up otherwise prepared teams.
Next, we take a closer look at the Shared Responsibility Model. Your External Service Provider (ESP) can’t carry the full weight of compliance. We explain what controls can be inherited, what’s shared, and where your organization is ultimately accountable.
Then we dive into key updates on 48 CFR—the rule that puts CMMC into contracts. With final review underway, we discuss what the phased rollout may look like, enforcement timelines, and how this will impact existing agreements.
Finally, don’t miss the live Q&A segment, where we tackle everything from overseas CUI control obligations to M365 scoping confusion and the new six-year evidence retention rule.
Tune in & take notes!
CMMC Connect happens every last Thursday at 1 PM ET. Register: redspin.com/events/cmmc-connect
Subscribe to Cyberspin on Apple iTunes, Spotify, or your preferred podcast platform. You can always stream the latest episodes at redspin.com.

Big moves in CMMC rulemaking are happening, and the signals from DoD leadership are loud and clear. In this episode, we break down the recent milestone that sent 48 CFR to OIRA for final review, the critical July 18th memo from THEE Secretary of Defense, and what it all means for the Defense Industrial Base. We’ll talk terminology ("effective" vs. "enforceable"), and timelines for contractors.
 
Subscribe to Cyberspin on Apple iTunes, Spotify, or your preferred podcast platform. You can always stream the latest episodes at redspin.com.

In this CMMC Connect replay episode, we dive into the most pressing questions facing the Defense Industrial Base right now. Kicking things off with a state-of-the-ecosystem update, our panel tackles the big-ticket items—how much CMMC actually costs, where we are in the implementation timeline, and how many assessments have already been completed. We also break down the current stats on authorized C3PAOs and certified professionals in the ecosystem.
After setting the stage, we shift into audience-driven content, answering pre-submitted questions and opening the floor for a lively live Q&A with defense contractors across the country.
Whether you’re prepping for your assessment or just trying to wrap your head around what CMMC means for your business, this episode is packed with insight and candid guidance from the front lines.
Tune in & take notes!
CMMC Connect happens every last Thursday at 1 PM ET. Register: redspin.com/events/cmmc-connect
Subscribe to Cyberspin on Apple iTunes, Spotify, or your preferred podcast platform. You can always stream the latest episodes at redspin.com.

This month, our expert panel tackles the real-world challenges of CMMC compliance, from getting started and surviving assessments to sustaining success. We break down training must-haves, insider threat risks, MFA requirements, retroactive CUI headaches, and how tools like VDI and FedRAMP fit into your strategy. Tune in for practical tips, pitfalls to avoid, and audience Q&A that dives into the details you actually care about.
CMMC Connect happens every last Thursday at 1 PM ET. Register: redspin.com/events/cmmc-connect
Subscribe to Cyberspin on Apple iTunes, Spotify, or your preferred podcast platform. You can always stream the latest episodes at redspin.com.

A long time ago (okay, April 24, 2025), in an ecosystem not so far away…Redspin hosted a CCA and CCP Q&A packed with practical advice for navigating CMMC compliance. Topics spanned NIST 800-171 Rev. 3 updates, ERP system management, SSP maintenance, CUI handling in Azure GCC vs. GCC High, remote access security, and cost distribution across federal contracts.
 
Panelists also explored user privileges, FedRAMP equivalency, and how CUI management differs between civilian and DoD contexts. Listen in for real-world insights and strategies to conquer the complexities of CMMC!
 
CMMC Connect happens every last Thursday at 1 PM ET. Register: redspin.com/events/cmmc-connect
Subscribe to Cyberspin on Apple iTunes, Spotify, or your preferred podcast platform. You can always stream the latest episodes at redspin.com.

With headlines swirling about the new DoD nominee reviewing 48 CFR( the rule that puts CMMC in contracts), is CMMC on the chopping block? Rob Teague, Dr. Thomas Graham, and special guest David Bailey break down the headlines and clear up the confusion.
Subscribe to Cyberspin on Apple iTunes, Spotify, or your preferred podcast platform. You can always stream the latest episodes at redspin.com.

Insights from our CMMC Assessor team on:
Preparing for CMMC assessments
The implications of using AI in compliance
Requirements for cloud services.
The session also addresses common questions regarding vulnerability data, SPRS compliance, and the differences between GCC and GCC High environments. The conversation concludes with a live AMA session where participants can engage directly with the panelists. 
CMMC Connect happens every last Thursday at 1 PM ET. Register: redspin.com/events/cmmc-connect
Subscribe to Cyberspin on Apple iTunes, Spotify, or your preferred podcast platform. You can always stream the latest episodes at redspin.com.

This month, we cover important updates regarding CMMC compliance, including a JSVA update and Katie Arrington's return to the driver's seat.
 
Our panelists delve into the complexities of compliance with CUI regulations, the challenges of recovering costs in future contracts, and the importance of customer responsibility matrices in FedRAMP. It also addresses the nuances of CMMC compliance, particularly regarding subcontractor challenges and the integration of ERP solutions, plus so much more.
 
CMMC Connect happens every last Thursday at 1 PM ET. Register: redspin.com/events/cmmc-connect
Subscribe to Cyberspin on Apple iTunes, Spotify, or your preferred podcast platform. You can always stream the latest episodes at redspin.com.