CyberSpin

This episode addresses one topic taken from our top ten list of most common failed practices from the CMMC & DIBCAC High assessments. 

Today we discuss Non-Federal Organization (NFO) controls, where Appendix E comes into play, updates on the NIST 800-171 rev.3 announcement, and dig a little into cybersecurity strategy. 

Subscribe to CyberSpin: Apple iTunes, Spotify, Stitcher, or your preferred podcast platform. New episodes are released every other week and a transcript of each episode can be found at redspin.com.

Do you have a question, topic, or idea you’d like us to address on this podcast? Send us an email podcast@redspin.com and we will do our best to cover it in our upcoming episodes!

This episode addresses one topic taken from our top ten list of most common failed practices from the CMMC & DIBCAC High assessments. 

Today we discuss your CMMC (and DFARS) requirements around Incident response, how to address the problem of limited resources for small and medium-sized businesses, and cover what actually makes a good communications/response plan.

Subscribe to CyberSpin: Apple iTunes, Spotify, Stitcher, or your preferred podcast platform. New episodes are released every other week and a transcript of each episode can be found at redspin.com.

Do you have a question, topic, or idea you’d like us to address on this podcast? Send us an email podcast@redspin.com and we will do our best to cover it in our upcoming episodes!

This episode addresses one topic taken from our top ten list of most common failed practices from the CMMC & DIBCAC High assessments. 

Logging plays a major role in protecting an organization's CUI and FCI because it detects malicious activity. This episode highlights logging best practices, learned by Redspin, the first Authorized CMMC C3PAO. Rob and Thomas talk through your logging options (to perform them manually, or use a new/existing SIEM?), what your program needs to include to meet requirements, and what evidence you need to be prepared to provide during an assessment. 

Subscribe to CyberSpin: Apple iTunes, Spotify, Stitcher, or your preferred podcast platform. New episodes are released every other week and a transcript of each episode can be found at redspin.com.

Do you have a question, topic, or idea you’d like us to address on this podcast? Send us an email podcast@redspin.com and we will do our best to cover it in our upcoming episodes!

This episode addresses one topic taken from our top ten list of most common failed practices from the CMMC & DIBCAC High assessments. 

The documentation episode, where we address some of Redspin's most common questions like: Do I need documentation for every domain? How long should your SSP be? Why do we need documentation, and do we still need it with CMMC 2.0? Listen in as Rob and Thomas walk through the documentation requirement, what to expect during an assessment, important documentation aspects you can't afford to miss, and where to turn when you don't know where to begin (we have templates!).

Subscribe to CyberSpin: Apple iTunes, Spotify, Stitcher, or your preferred podcast platform. New episodes are released every other week and a transcript of each episode can be found at redspin.com.

Do you have a question, topic, or idea you’d like us to address on this podcast? Send us an email podcast@redspin.com and we will do our best to cover it in our upcoming episodes!

Redspin's CMMC experts are back to highlight the recent news announcing the start of joint C3PAO and DIBCAC assessments! During the CMMC AB Townhall on July 26th, 2022 it was announced that the first set of certifications will kick off as a joint surveillance program with C3PAOs and DIBCAC. 

Representing one of the first C3PAOs conducting a joint DIBCAC HIGH assessment, Redspin's Thomas Graham walks us through what the first four  assessments will look like, what the relationship between the OSC and C3PAO will look like during these assessments, and will discuss the goal of DIBCAC High. Our experts will also discuss what happens to DIBCAC Joint assessments once CMMC is live and active. Rob Teague reviews what a joint assessment is, what the current projected course is for CMMC finalization, and last Ross Piper covers the release of the CAP. 

Do you have a question you’d like us to address on this podcast, or would you like to connect with us at an upcoming conference? Send us an email at podcast@redspin.com.

Subscribe to CyberSpin: Apple iTunes, Spotify, Stitcher, or your preferred podcast platform. 

The Cyber AB and the PMO office recently announced that CMMC 2.0 certifications can be conducted, just not under the “CMMC 2.0” title. The certifications will temporarily be called “DIBCAC High certifications” until the rule-making phase is complete. So, what does that mean for organizations seeking certification?

Today Redspin’s CMMC Experts, Dr. Thomas Graham, Rob Teague, and Ross Piper will clarify this process so OSCs understand the way forward. 

Do you have a question, topic, or idea you’d like us to address on this podcast? Send us an email podcast@redspin.com and we will do our best to cover it in our upcoming episodes!

Subscribe to CyberSpin: Apple iTunes, Spotify, Stitcher, or your preferred podcast platform. New episodes are released every other week and a transcript of each episode can be found at redspin.com.

Rob Teague, Dr. Thomas Graham, and special guest Noel Vestal (Compliance Manager at Preveil) join us for this third installment of our "Rumor Control" series to squash the rumors and talk through the challenges surrounding System Security Plans (SSPs).

Listen in as Rob, Thomas, and Noel dive into a fun, yet informative discussion on all things SSP. Also, catch a deeper dive into the subject by signing up for our joint webinar with Preveil on March 30th where we will go into even more detail and be able to answer your questions live, on camera. 

Register for the webinar, or view more details here >>

Do you have a question, topic, or idea you’d like us to address on this podcast? Send us an email podcast@redspin.com and we will do our best to cover it in our upcoming episodes!

Subscribe to CyberSpin: Apple iTunes, Spotify, Stitcher, or your preferred podcast platform. New episodes are released every other week and a transcript of each episode can be found at redspin.com.

Rob Teague, Dr. Thomas Graham, and Ross Piper join us in this second installment of the Rumor Control series to dive into CMMC CCP training. 

Listen in as Rob, Thomas, and Ross dive into the facts of CMMC  CCP training. They will also walk through recent training announcements that come directly from the CMMC-AB and offer their perspectives and professional insights into whether those of you who want to become a Certified CMMC Assessor/Professional should wait to take the training or not. 

This episode should clarify your training questions, but for more details, and information please visit: 

• Redspin's Official CMMC Training Website

Do you have a question, topic, or idea you’d like us to address on this podcast? Send us an email podcast@redspin.com and we will do our best to cover it in our upcoming episodes!

Subscribe to CyberSpin: Apple iTunes, Spotify, Stitcher, or your preferred podcast platform. New episodes are released every other week and a transcript of each episode can be found at redspin.com.

Rob Teague and Dr. Thomas Graham join us in this episode to explain a few recent rumors surrounding documentation and CMMC certification.

Listen in as Rob and Thomas dive into the facts surrounding documentation requirements, and what Managed Service Providers (MSPs) need to provide in terms of documentation that will help you navigate your CMMC needs, avoid any confusion, save time + energy, and overall stay in the know and ahead of the curve when it comes to all things CMMC documentation.  

Do you have a question, topic, or idea you’d like us to address on this podcast? Send us an email podcast@redspin.com and we will do our best to cover it in our upcoming episodes!

Subscribe to CyberSpin: Apple iTunes, Spotify, Stitcher, or your preferred podcast platform. New episodes are released every other week and a transcript of each episode can be found at redspin.com.

The DoD has issued a long-awaited statement regarding updates to its Cybersecurity Maturity Model Certification (CMMC) program, and this newly announced CMMC 2.0 program has some indicated changes... In November 2021, Redspin joined forces with our friends over at PreVeil for a webinar titled "CMMC 2.0’s Impact on SMBs" that covered how SMBs should prepare for 2.0 , approaches for managing CUI, and how SMBs should get ready for DIBCAC and C3PAO audits. 

In this episode of CyberSpin, the webinar gang is back and here to provide their input and insight into these unanswered questions. 

Subscribe to CyberSpin: Apple iTunes, Spotify, Stitcher, or your preferred podcast platform. New episodes are released every other week and a transcript of each episode can be found at redspin.com.