Climbing Mount CMMC

In this conversation, Bailey Reichelt, a trade and regulatory attorney, discusses the complexities of export controls and their implications for businesses in the aerospace and defense sectors. She emphasizes the importance of understanding export regulations, common misconceptions, and the need for...

In this episode of Climbing Mounts CMMC, hosts Kaleigh Floyd and Bobby Guerra welcome Andy Sauer from Sentinel Blue. They discuss the challenges and experiences of navigating CMMC compliance as managed service providers (MSPs). The conversation covers the entrepreneurial journey, the importance of l...

In this episode, Kaleigh Floyd and Bobby Guerra discuss the critical considerations for OSCs choosing an MSP for their CMMC journey and Managed Service Providers (MSPs) contemplating CMMC Level 2 certification. They explore the importance of selecting a qualified MSP, the preparation required for as...

Axiom passed their assessment! In this episode, Kaleigh Floyd, Bobby Guerra, and Adam Evans discuss their journey to passing a CMMC Level 2 assessment. They share insights from their mock and real assessments, the challenges they faced, and the importance of preparation and self-assessment. The conv...

Kaleigh Floyd hosts three prominent women in the CMMC ecosystem: Joy Beland, Amy Williams, and Carley Salmon. They discuss their backgrounds, the importance of cybersecurity compliance, and the evolving landscape of CMMC. Each guest shares their personal motivations for working in this field, highli...

Are you starting your CMMC and don't know where to begin? Let's talk about the foundation of your control implementation, which is the System Security Plan. This is not only critical to your business's compliance journey, but it's also a requirement for CMMC Level 2. Adam Evans, Axiom's Compliance O...

In this conversation, Bobby Guerra and Kaleigh Floyd discuss the critical role of agreements in the CMMC compliance journey. They emphasize the importance of well-structured agreements to mitigate risks and ensure clarity in responsibilities between Managed Service Providers (MSPs) and their clients...

(CybHER: Women in CMMC) In this inaugural episode of CybHER: Women in CMMC, Kaleigh Floyd and Koren Wise discuss the significant contributions of women in the CMMC ecosystem. Koren shares her journey from being a network engineer to becoming a licensed training provider and C3PAO. The conversation d...

Have you ever wondered what it's truly like in a CMMC assessment? Maybe you've thought about how to speak to an assessor or who needs to speak during certain controls. During this episode, we talk about Bobby's experience and how he prepared himself. Your SSP is your script, read from it. LinkedIn: ...

It's important to be fully prepared for a CMMC assessment by a C3PAO, but what if your humanity kicks in? There is an opportunity to gather more information for your assessor if they allow the re-evaluation. Let's talk about it! LinkedIn: https://www.linkedin.com/in/bobbyguerra/ Website: https://www...

In this episode, Kaleigh Floyd and Bobby Guerra discuss what CMMC readiness looks like, focusing on the necessary steps for organizations and Managed Service Providers (MSPs) to prepare for compliance. They emphasize the importance of having a solid system security plan, understanding the roles of M...

Are you new to CMMC and want to know where to start? This is a good place for you. Derrich has a lot of training, resources, and opportunities for others. The CMMC ecosystem is full of resources that will help you along the CMMC journey. Make sure to check them out and get involved! Derrich Phillips...

(Season Three Episode 1) It's less than 30 days from our CMMC Level 2 assessment and our MSP has done A LOT of preparation. We'd love to share our experience with all of you. We prepared our MSP to not only service ourselves, but also our clients. Axiom's goal is to be open and transparent with our ...

You're a business that has two options: Commercial or CMMC? It's hard to fully see the path ahead when you're only at the beginning. Bobby and Kaleigh give a 12 Step process of climbing the CMMC Mountain ahead. This is focused more towards MSPs, but any business, especially SMBs, can get a lot out o...

In this episode, Kaleigh Floyd, Bobby Guerra, and Vincent Scott discuss the critical aspects of self-assessments in the context of CMMC compliance. They explore the different types of self-assessments, the importance of having a System Security Plan (SSP), and practical strategies for conducting eff...

We sat down with Dr. Ron Ross about his story and how he got to where he is today. He shares what his first job was out of the Army and his health battle while writing publications for NIST. His journey is incredibly inspiring, and we feel such gratitude to be able to share this with all of you. To ...

You can't have NIST SP 800-171 without the 800-53 that came before it. In today's episode, Bobby sat down with FedRAMP expert, Karen Stanford, to discuss the connection between the two publications and how you can use this to your advantage when preparing for an assessment. Many of the 800-171 contr...

Today, Bobby and Kaleigh are joined by Dr. Ron Ross from NIST, an author of SP 800-172 and MUCH MORE. He shares the true purpose behind the document and what the new draft brings to the table. The draft was published on 11/13/24 and public comments are now being accepted until January of 2025. Linke...

In this podcast episode, Bobby Guerra, Kaleigh Floyd, and Vince Scott discuss the complexities of the Cybersecurity Maturity Model Certification (CMMC) and its phases. Vince shares his extensive background in cybersecurity, transitioning from offense to defense, and the challenges faced by small bus...

In this conversation, Kaleigh Floyd, Bobby Guerra, and Adam Evans discuss the distinctions between Cloud Service Providers (CSPs) and other service providers (ESPs), the significance of Controlled Unclassified Information (CUI), and the importance of vendor assessments in the context of the 32 CFR r...