Episodes
Thursday Jul 13, 2023
29: Unraveling Managed Security and Cloud Services
Thursday Jul 13, 2023
Thursday Jul 13, 2023
We unravel the world of Managed Services and their role in Cybersecurity Maturity Model Certification (CMMC). Explore the dynamic landscape of Managed Services, focusing on security and cloud solutions tailored to meet your CMMC needs.
Whether you're grappling with limited IT staff, budget constraints, or with on-premises systems, Managed Services offer a solution to your pain points. Learn how Managed Services providers, like us at Redspin, with their expertise in CMMC, security and IT, can be the missing piece in your CMMC puzzle.
Subscribe to CyberSpin: Apple iTunes, Spotify, Stitcher, or your preferred podcast platform. New episodes are released every other week and a transcript of each episode can be found at redspin.com.
Do you have a question, topic, or idea you’d like us to address on this podcast? Send us an email podcast@redspin.com and we will do our best to cover it in our upcoming episodes!
Friday Jun 23, 2023
28: CMMC Documentation Compliance: Is Lean too Mean? Does Bloat equal Gloat?
Friday Jun 23, 2023
Friday Jun 23, 2023
Join Redspin's Rob Teague and Thomas Graham, along with special guests Chandler Hall and Steve Pratt from Sentar, as they demystify CMMC documentation compliance in this episode.
Discover the critical role of documentation for OSCs and its significance in the CMMC process. Our experts define documentation in the context of CMMC and unravel its constant evolution. Delve into SSPS and its key components, including high-level ODPs, policies and procedures, CUI data flow diagram, asset inventory, and system description.
Unlock insights from C3PAOs, emphasizing practices over objectives, and learn the benefits of working with MSPs and RPOs. Explore opportunities to streamline and consolidate policies, plans, and procedures, finding the perfect balance between efficiency and excess.
Listen in as we crack the code of CMMC documentation compliance, and discover whether being lean is too mean or if bloat equals gloat. Tune in for a concise and enlightening exploration of this vital cybersecurity topic.
Subscribe to CyberSpin: Apple iTunes, Spotify, Stitcher, or your preferred podcast platform. New episodes are released every other week and a transcript of each episode can be found at redspin.com.
Do you have a question, topic, or idea you’d like us to address on this podcast? Send us an email podcast@redspin.com and we will do our best to cover it in our upcoming episodes!
Thursday May 18, 2023
27: NIST 800-171 Revision 3 Update and Its Significance for CMMC
Thursday May 18, 2023
Thursday May 18, 2023
In this episode, we're going to dive into a topic that has been making waves in the CMMC community - the updates introduced in NIST 800-171 Revision 3 and explore the significant impact for organizations seeking Cybersecurity Maturity Model Certification (CMMC) certification.
Join us as we navigate through the key changes and enhancements introduced in Revision 3 and how they shape the landscape of CMMC. We discuss the updates, the expanded scope, timeline, and the implications for organizations seeking CMMC certification.
Through this discussion and expert analysis, Dr. Thomas Graham and Robert Teague shed light on the significance of this update, providing valuable insights for businesses and individuals navigating CMMC. Tune in to gain a deeper understanding of the new NIST 800-171 Revision 3 and its far-reaching implications for CMMC.
Subscribe to CyberSpin: Apple iTunes, Spotify, Stitcher, or your preferred podcast platform. New episodes are released every other week and a transcript of each episode can be found at redspin.com.
Do you have a question, topic, or idea you’d like us to address on this podcast? Send us an email podcast@redspin.com and we will do our best to cover it in our upcoming episodes!
Thursday Mar 09, 2023
26: CMMC in Motion: Rulemaking Updates with Matt Travis
Thursday Mar 09, 2023
Thursday Mar 09, 2023
In this episode Matt Travis, CEO of the Cyber AB joins us to discuss the latest updates and processes in the Cybersecurity Maturity Model Certification (CMMC) rulemaking timeline, as of March 3rd, 2023.
Matt breaks down what the proposed rule looks like, how long it will take before its finalized, and more.
Whether you're leading your organizations CMMC efforts, are a C3PAO, or simply following along with this important cybersecurity initiative, this episode provides valuable insights into the CMMC ecosystem. Tune in to stay ahead of the curve in safeguarding your organization's critical data.
Subscribe to CyberSpin: Apple iTunes, Spotify, Stitcher, or your preferred podcast platform. New episodes are released every other week and a transcript of each episode can be found at redspin.com.
Do you have a question, topic, or idea you’d like us to address on this podcast? Send us an email podcast@redspin.com and we will do our best to cover it in our upcoming episodes!
Friday Dec 09, 2022
25: CMMC - NFOs, Don’t Ignore Your Appendix E
Friday Dec 09, 2022
Friday Dec 09, 2022
This episode addresses one topic taken from our top ten list of most common failed practices from the CMMC & DIBCAC High assessments.
Today we discuss Non-Federal Organization (NFO) controls, where Appendix E comes into play, updates on the NIST 800-171 rev.3 announcement, and dig a little into cybersecurity strategy.
Subscribe to CyberSpin: Apple iTunes, Spotify, Stitcher, or your preferred podcast platform. New episodes are released every other week and a transcript of each episode can be found at redspin.com.
Do you have a question, topic, or idea you’d like us to address on this podcast? Send us an email podcast@redspin.com and we will do our best to cover it in our upcoming episodes!
Friday Dec 09, 2022
Friday Dec 09, 2022
This episode addresses one topic taken from our top ten list of most common failed practices from the CMMC & DIBCAC High assessments.
Today we discuss your CMMC (and DFARS) requirements around Incident response, how to address the problem of limited resources for small and medium-sized businesses, and cover what actually makes a good communications/response plan.
Subscribe to CyberSpin: Apple iTunes, Spotify, Stitcher, or your preferred podcast platform. New episodes are released every other week and a transcript of each episode can be found at redspin.com.
Do you have a question, topic, or idea you’d like us to address on this podcast? Send us an email podcast@redspin.com and we will do our best to cover it in our upcoming episodes!
Thursday Dec 08, 2022
23: CMMC and Logging Capabilities, The Why and How
Thursday Dec 08, 2022
Thursday Dec 08, 2022
This episode addresses one topic taken from our top ten list of most common failed practices from the CMMC & DIBCAC High assessments.
Logging plays a major role in protecting an organization's CUI and FCI because it detects malicious activity. This episode highlights logging best practices, learned by Redspin, the first Authorized CMMC C3PAO. Rob and Thomas talk through your logging options (to perform them manually, or use a new/existing SIEM?), what your program needs to include to meet requirements, and what evidence you need to be prepared to provide during an assessment.
Subscribe to CyberSpin: Apple iTunes, Spotify, Stitcher, or your preferred podcast platform. New episodes are released every other week and a transcript of each episode can be found at redspin.com.
Do you have a question, topic, or idea you’d like us to address on this podcast? Send us an email podcast@redspin.com and we will do our best to cover it in our upcoming episodes!
Thursday Dec 08, 2022
22: CMMC - Understanding Documentation
Thursday Dec 08, 2022
Thursday Dec 08, 2022
This episode addresses one topic taken from our top ten list of most common failed practices from the CMMC & DIBCAC High assessments.
The documentation episode, where we address some of Redspin's most common questions like: Do I need documentation for every domain? How long should your SSP be? Why do we need documentation, and do we still need it with CMMC 2.0? Listen in as Rob and Thomas walk through the documentation requirement, what to expect during an assessment, important documentation aspects you can't afford to miss, and where to turn when you don't know where to begin (we have templates!).
Subscribe to CyberSpin: Apple iTunes, Spotify, Stitcher, or your preferred podcast platform. New episodes are released every other week and a transcript of each episode can be found at redspin.com.
Do you have a question, topic, or idea you’d like us to address on this podcast? Send us an email podcast@redspin.com and we will do our best to cover it in our upcoming episodes!