Episodes
Monday Jul 01, 2024
June CMMC Connect: Timelines, Encryption, Flow-Down, CCP, and more
Monday Jul 01, 2024
Monday Jul 01, 2024
In this episode of the Cyberspin Podcast's CMMC Connect Series, we present a replay of our latest CMMC Connect session. Join Tara Lemieux, Dr. Thomas Graham, and Rob Teague as they answer audience questions on key CMMC topics, including NIST 800-171 Rev. 3 timelines, the impact of encryption on CUI, prime-to-subcontractor flow-down requirements and responsibilities, CMMC Certified Professional (CCP) courses, and more.
Tune in for key takeaways and best practices to help you navigate your CMMC journey effectively.
Subscribe to Cyberspin on Apple iTunes, Spotify, or your preferred podcast platform. You can always stream the latest episodes at redspin.com.
Tuesday Jun 04, 2024
Tuesday Jun 04, 2024
In this episode of the Cyberspin Podcast: CMMC Connect Series, we bring you a replay of our latest CMMC Connect session. Join Dr. Thomas Graham, Jeremy Mares, and Rob Teague as they answer audience questions on critical CMMC topics, including how remote desktop affects scoping, the best ways to share information with subcontractors within compliance, and strategies for gaining leadership buy-in.
Tune in for key takeaways and best practices to help you navigate your CMMC journey effectively.
Subscribe to Cyberspin on Apple iTunes, Spotify, or your preferred podcast platform. You can always stream the latest episodes at redspin.com.
Tuesday Apr 16, 2024
The Prime’s Perspective on CMMC
Tuesday Apr 16, 2024
Tuesday Apr 16, 2024
In this episode of Cyberspin, join Rob Teague and Dr. Thomas Graham as they talk CMMC with special guests, Jennifer Simpson, Sr. Director, of Corporate Cyber Assurance and Shari Pettersson Director, of Information Security Authorizations & Decisions (ISAD) at BAE Systems, Inc.
Learn how BAE Systems, Inc. embarked on their CMMC journey early with a Joint Surveillance Voluntary Assessment (JSVA). From early preparations to final assessments, get an insider’s perspective on how one of the leading defense contractors navigates the complexities of CMMC, ensuring the security and compliance of their operations. This discussion sheds light on how to prepare for CMMC directly from a prime contractor who has taken early steps to demonstrate cybersecurity maturity through CMMC.
Subscribe to Cyberspin on Apple iTunes, Spotify, or your preferred podcast platform. You can always stream the latest episodes at redspin.com.
Thursday Apr 11, 2024
Small Cloud for Big Savings
Thursday Apr 11, 2024
Thursday Apr 11, 2024
Contractors serving the DoD are in a constant battle to safeguard their data in compliance with the CMMC. Listen to this episode of Cyberspin as our experts explore how managed cloud services can accelerate the Cybersecurity Maturity Model Certification (CMMC) journey and how they are the fastest and easiest way to accommodate a segment of your organization that handles CUI data.
Subscribe & Stream: Gear up for your CMMC journey with "Cyberspin," available on Apple iTunes, Spotify, and redspin.com. Subscribe for the latest insights on navigating your cybersecurity landscape.
Tuesday Mar 26, 2024
CMMC and Azure Cloud Misconceptions
Tuesday Mar 26, 2024
Tuesday Mar 26, 2024
Contractors working with the Department of Defense (DoD) who store, process, and/or transmit CUI face a crucial challenge: ensuring that their technical security controls, documentation, policies, and processes are robust enough to meet the stringent demands of CMMC. With a range of Cloud offerings available, understanding how each aligns with CMMC standards can be quite a challenge.
Listen as we tackle the most prevalent misconceptions surrounding Azure Cloud and its ability to satisfy CMMC requirements. We'll break down the differences between Azure Commercial 365, Government Community Cloud (GCC), and GCC High. You'll learn when it's appropriate to choose GCC over GCC High, especially concerning ITAR data considerations, and whether FIPS Encryption is adequately provided for the communication and storage of Controlled Unclassified Information (CUI) data.
We'll also tackle the challenges that remote companies face in meeting CMMC's network criteria and explain why waiting until 2027 to address CMMC could be a misstep.
Tune in as we debunk myths and shed light on the essential criteria that will help you navigate your CMMC journey.
Subscribe to Cyberspin on Apple iTunes, Spotify, or your preferred podcast platform. You can always stream the latest episodes at redspin.com.
Tuesday Dec 19, 2023
The Why Behind CMMC, with Robert Hill, CEO of Cyturus
Tuesday Dec 19, 2023
Tuesday Dec 19, 2023
In this episode, we sit down with Robert Hill, the Founder and CEO of Cyturus, to unravel the WHY behind the Cybersecurity Maturity Model Certification (CMMC).
Our conversation kicks off with the pressing question: Why do small defense contractors need the same level of security as industry giants like Boeing and Raytheon? Robert Hill walks us through the tactical why, painting a vivid hypothetical scenario. Imagine a seemingly minor 4-millimeter adversarial change in the dimensions of a gasket from a subcontractor manufacturer. This breach has the potential to infect the Department of Defense like a virus, leading to the grounding of a warfighter jet and the potential to impact lives.
The discussion extends beyond supply chain issues, delving into the critical need to protect intellectual property. Hill emphasizes that the true threat lies not just in information breaches but in the subsequent manipulation of data—a concept with long-term real-world implications.
Join us as we explore the technical aspects. However, our conversation takes a turn as we point out CMMC is not merely about IT controls; it's about fostering a culture of cybersecurity. CMMC is not a checkbox compliance but a movement that requires business buy-in and a deep understanding of the WHY.
Tune in to gain insights into the world of cybersecurity, understand the genuine need to protect national defense information, and recognize that CMMC is more than compliance—it's a cybersecurity movement.
Subscribe to Cyberspin on Apple iTunes, Spotify, or your preferred podcast platform. You can always stream the latest episodes at redspin.com.
Tuesday Oct 31, 2023
Tuesday Oct 31, 2023
Celebrate Cybersecurity Awareness Month with Redspin! We’re here to guide you through CMMC (Cybersecurity Maturity Model Certification). To mark this important month, we’ll be shining a spotlight on our CMMC guides each week.
In this episode, we're excited to introduce Dr. Thomas Graham, a seasoned professional with a unique perspective on the world of cybersecurity, particularly from a Department of Defense (DoD) lens. With experience spanning the DHA, Navy medicine, from the governance perspective, and even a Federal Health IT Award-winning team, Thomas is well-equipped to shed light on the intricacies of this critical field.
Join us as we uncover the historical roots of Controlled Unclassified Information (CUI) and "read the tea leaves" of the Cybersecurity Maturity Model Certification (CMMC), positioning itself as a unifying force for cybersecurity requirements across various government agencies. Thomas, an expert in discerning the nuances of language, shares his insights into the future of CMMC and its potential impact on the DoD and other federal agencies.
Subscribe to Cyberspin on Apple iTunes, Spotify, or your preferred podcast platform. You can always stream the latest episodes at redspin.com.
Tuesday Oct 24, 2023
Your CMMC Guide: John Fitch, Azure CMMC Architect at Redspin
Tuesday Oct 24, 2023
Tuesday Oct 24, 2023
Celebrate Cybersecurity Awareness Month with Redspin! We're here to guide you through CMMC (Cybersecurity Maturity Model Certification). To mark this important month, we'll be shining a spotlight on our CMMC guides each week.
In this episode, we chat with John Fitch, Azure expert who works with OSCs in building a secure encalve. John emphasizes CMMC offers significant value to both large and small contractors. It effectively safeguards against advanced persistent threats (APTs), particularly those targeting sensitive national information. Unlike a mere compliance checklist, CMMC prioritizes accountability making it a valuable addition to the future of national cybersecurity.
Throughout the month, we'll be featuring Subject Matter Experts in the world of CMMC. These are the leaders who are actively engaged in safeguarding sensitive data within our ecosystem. Join us to learn about their roles, their history working with the Department of Defense, and their insights into the impact that CMMC will have. Together, we can strengthen our cybersecurity defenses and protect what matters most.
Listen in at redspin.com or your favorite podcast platform.