Climbing Mount CMMC

In this episode of Cyb-Her, Kaleigh shares with Axiom employee, Maleah Adams, her journey from call coordinator to COO, speaking on her experiences in the MSP and cybersecurity space, including her work and transition to the CMMC ecosystem and her perspective as a woman in a male-dominated industry....

In this episode of Climbing Mount CMMC, Fernando Machado (CCA) from CyberSec Investments shares his extensive experience with Kaleigh and Bobby about the CMMC assessment process, the journey to becoming a C3PAO, and practical insights for contractors navigating the certification landscape. They disc...

In this episode, Kaleigh and, new to Axiom, Ashton Guerra discuss the critical questions organizations seeking CMMC Level 2 certification (OSCs) should ask their MSPs. They share insights on scope, security measures, and the importance of transparency in the certification journey. Website: https://w...

In this new series we like to call "Spelunking", Bobby and Kaleigh explore the updates in NIST 800-171 Revision 3, focusing on the differences from Rev 2, including control changes, assessment objectives, and preparation strategies for compliance. In this episode, they focus on control 03.02 Awarene...

In the season 5 premiere of Climbing Mount CMMC, Kaleigh and Bobby share practical, boots-on-the-ground insights on implementing CMMC self-assessments, especially for MSPs supporting multiple clients. They break down how to approach self-assessments with the discipline of a formal audit, while still...

In the season 4 finale of Climbing Mount CMMC, Kaleigh and Bobby share their extensive experience navigating the complexities of achieving CMMC Level 2 certification as an MSP. They discuss the importance of commitment, education, strategic planning, and the realities of scaling support for governme...

In this episode of Climbing Mount CMMC, Kaleigh and Bobby discuss the concept of grace within the CMMC framework, particularly focusing on the NIST 800-171 controls, the role of C3PAOs, and the importance of mock assessments. They emphasize the need for proper training and certification, the signifi...

In this episode of Climbing Mount CMMC, Bobby and Adam discuss the implications of Rev3 for MSPs in the context of CMMC. They explore the challenges MSPs face in achieving compliance, the role of external service providers, and the importance of documentation and shared responsibilities. They highli...

In this episode of Climbing Mount CMMC, Bobby and Adam discuss the intricacies of Plan of Action and Milestones (POAM) in the context of cybersecurity assessments. They explore the importance of having a clear understanding of what constitutes a POAM, the distinction between operational plans and as...

In this episode of Climbing Mounts CMMC, hosts Kaleigh Floyd and Bobby Guerra discuss the five stages of grief related to the CMMC compliance journey. They share personal experiences and insights on denial, anger, bargaining, depression, and acceptance, emphasizing the importance of understanding th...

In this episode, Kaleigh Floyd, Bobby Guerra, and Adam Evans discuss the complexities surrounding Cloud Service Providers (CSPs) and Managed Service Providers (MSPs) in the context of CMMC compliance. They clarify the definitions, roles, and responsibilities of MSPs and CSPs, particularly in relatio...

In this episode, the hosts discuss the significant changes introduced in NIST 800-171 Rev 3, focusing on the transition from Rev 2 to Rev 3, the importance of Organizational Defined Parameters (ODPs), and the role of external service providers in compliance. They emphasize the need for System Securi...

In this episode, Kaleigh and Bobby are joined by Axiom's own, Adam Evans, to discuss the significant changes introduced in NIST 800-171 Rev 3, focusing on the transition from Rev 2 to Rev 3, the importance of Organizational Defined Parameters (ODPs), and the role of external service providers in com...

In this episode, Kaleigh and Bobby discuss the complexities of managing Controlled Unclassified Information (CUI) within the framework of CMMC compliance. They explore the challenges of physical boundaries, the role of personnel in safeguarding CUI, and the implications of printing and disposing of ...

In this episode of "Climbing Mount CMMC," hosts Kaleigh Floyd and Bobby Guerra delve into the intricacies of preparing for a CMMC Level 2 assessment, particularly focusing on the role of external service providers (ESPs) and Managed Service Providers (MSPs). They emphasize the importance of selectin...

In this episode of Climbing Mount CMMC, hosts Bobby and Kaleigh discuss the critical topic of self-attestation for CMMC level two requirements. They explore the evolution of self-attestation, the risks associated with misrepresentation, and the importance of accountability in the self-assessment pro...

In this episode, Kaleigh and Bobby discuss the significant changes and challenges that companies will face in 2026 regarding CMMC compliance. They delve into the implications of new CMMC Level 2 requirements, the importance of self-assessments versus third-party assessments, and the potential conseq...

In this episode, Kaleigh Floyd and Bobby Guerra discuss the intricacies of change management within Managed Service Providers (MSPs) and its critical role in ensuring compliance with CMMC standards. They emphasize the importance of leadership buy-in, effective training for both client and internal s...

In this conversation, Dy Edington discusses the essence of CMMC, emphasizing that it is not merely about following specific procedures but about achieving results with consistency and transparency. She highlights the significance of managing change effectively to prevent unexpected disruptions, link...

In this episode, Bobby interviews Axiom's Marketing Coordinator, Maleah Adams, about her experience taking the CCP (CMMC Certified Professional) course. In a brief conversation, they touch on what CMMC looks like from a beginner's perspective and how the CCP course helped shaped that knowledge. She ...