.jpg)
Climbing Mount CMMC
Our podcast is dedicated to supporting MSPs/MSSPs and the companies that engage with them. We aim to maintain transparency throughout our journey, especially as we pursue our level two certification. While only a few MSPs are actively participating, we hope this podcast will inspire more involvement.
We are also excited to announce that we will have guests on our podcast who are professional in their fields. These guests include Brian Hubbard, Joy Beland, Amira Armond and many more.
Episodes
75 episodes
Securing Custom Software: Documenting Software Security Controls for CMMC Compliance
In this episode, Kaleigh and Bobby welcome back Kyle Lai to discuss the challenges and insights surrounding C3PAOs and the CMMC framework. They explore Kyle's journey into the C3PAO space, the current state of audits, and the importance of soft...
•
Season 3
•
Episode 20
•
41:41
.png)
Understanding CMMC Audits with a Lead Assessor
In this episode of CybHer, Kaleigh Floyd interviews Jil Wright, president of Wrightbrained Security, discussing her extensive experience in IT and the CMMC space. They explore the challenges of cybersecurity assessments, the importance of docum...
•
Season 3
•
Episode 19
•
36:32
.png)
Understanding Your Contracts' CMMC Requirements: A 32 CFR Breakdown
In this episode of Climbing Mount CMMC, Kaleigh and Bobby discuss the 32 CFR final rule and its implications for contractors and subcontractors in the defense industry. They delve into the history and importance of Controlled Unclassif...
•
Season 3
•
Episode 18
•
36:56
Creating CMMC Documentation and Choosing the Right Consultant
In this episode, Kaleigh Floyd interviews Kelly Hood from Optic Cyber Solutions, discussing her journey into the CMMC space, the challenges faced in consulting, and the importance of effective documentation. They explore the significance of the...
•
Season 3
•
Episode 17
•
34:21
.png)
Navigating Vendor Challenges in CMMC Compliance
In this episode, Bobby Guerra and Kaleigh Floyd discuss the evolving landscape of vendors in the CMMC space, focusing on the challenges and considerations for Managed Service Providers (MSPs) when integrating cloud solutions. They explore the i...
•
Season 3
•
Episode 16
•
36:56
Navigating CMMC: Internal IT Challenges
In this episode, Kaleigh Floyd and Bobby Guerra discuss the challenges and considerations for internal IT staff tasked with achieving CMMC compliance. They explore the importance of knowledge, leadership buy-in, and organizational maturity in s...
•
Season 3
•
Episode 15
•
24:47
When Will CMMC Affect My Business? (Phase Rollout and Memo)
In this conversation, Bobby Guerra and Ryan Bonner discuss the evolving landscape of the CMMC ecosystem, focusing on the implications of a recent memo from the DOD. They explore the roles of program managers, the importance of understanding CUI...
•
Season 3
•
Episode 14
•
45:20
Understanding Export Controls with a Regulatory Attorney
In this conversation, Bailey Reichelt, a trade and regulatory attorney, discusses the complexities of export controls and their implications for businesses in the aerospace and defense sectors. She emphasizes the importance of understanding exp...
•
Season 3
•
Episode 13
•
33:21
MSP Owners Share Their CMMC Journeys to Level 2
In this episode of Climbing Mounts CMMC, hosts Kaleigh Floyd and Bobby Guerra welcome Andy Sauer from Sentinel Blue. They discuss the challenges and experiences of navigating CMMC compliance as managed service providers (MSPs). The conversation...
•
Season 3
•
Episode 12
•
42:24
5 Questions to Ask BEFORE Choosing an MSP for CMMC
In this episode, Kaleigh Floyd and Bobby Guerra discuss the critical considerations for OSCs choosing an MSP for their CMMC journey and Managed Service Providers (MSPs) contemplating CMMC Level 2 certification. They explore the importance of se...
•
Season 3
•
Episode 11
•
29:59
We Went Through Our CMMC Assessment (What we learned)
Axiom passed their assessment! In this episode, Kaleigh Floyd, Bobby Guerra, and Adam Evans discuss their journey to passing a CMMC Level 2 assessment. They share insights from their mock and real assessments, the challenges they faced, and the...
•
Season 3
•
Episode 10
•
49:41
The Mission Behind CMMC from Three Perspectives: C3PAO, MSP, and Vendor
Kaleigh Floyd hosts three prominent women in the CMMC ecosystem: Joy Beland, Amy Williams, and Carley Salmon. They discuss their backgrounds, the importance of cybersecurity compliance, and the evolving landscape of CMMC. Each guest shares thei...
•
Season 3
•
Episode 9
•
50:52
.png)
How to Create a System Security Plan for CMMC Level 2
Are you starting your CMMC and don't know where to begin? Let's talk about the foundation of your control implementation, which is the System Security Plan. This is not only critical to your business's compliance journey, but it's also a requir...
•
Season 3
•
Episode 8
•
39:19
What Does a CMMC Agreement Look Like? (And why have it?)
In this conversation, Bobby Guerra and Kaleigh Floyd discuss the critical role of agreements in the CMMC compliance journey. They emphasize the importance of well-structured agreements to mitigate risks and ensure clarity in responsibilities be...
•
Season 3
•
Episode 7
•
23:42
Becoming an Authorized C3PAO with Koren Wise (Women in CMMC)
(CybHER: Women in CMMC) In this inaugural episode of CybHER: Women in CMMC, Kaleigh Floyd and Koren Wise discuss the significant contributions of women in the CMMC ecosystem. Koren shares her journey from being a network engineer to becoming a ...
•
Season 3
•
Episode 6
•
31:45
.png)
The Assessment Tango (How to speak during a CMMC assessment)
Have you ever wondered what it's truly like in a CMMC assessment? Maybe you've thought about how to speak to an assessor or who needs to speak during certain controls. During this episode, we talk about Bobby's experience and how he prepared hi...
•
Season 3
•
Episode 5
•
25:35
Can You Fix Your CMMC Assessment Score?
It's important to be fully prepared for a CMMC assessment by a C3PAO, but what if your humanity kicks in? There is an opportunity to gather more information for your assessor if they allow the re-evaluation. Let's talk about it!
•
Season 3
•
Episode 4
•
24:08
What Does CMMC Readiness Look Like?
In this episode, Kaleigh Floyd and Bobby Guerra discuss what CMMC readiness looks like, focusing on the necessary steps for organizations and Managed Service Providers (MSPs) to prepare for compliance. They emphasize the importance of having a ...
•
Season 3
•
Episode 3
•
43:36
How We Prepared for Our CMMC Assessment
(Season Three Episode 1) It's less than 30 days from our CMMC Level 2 assessment and our MSP has done A LOT of preparation. We'd love to share our experience with all of you. We prepared our MSP to not only service ourselves, but also our clien...
•
Season 3
•
Episode 1
•
37:50
.png)
How to Climb Mount CMMC (for MSPs and SMBs)
You're a business that has two options: Commercial or CMMC?It's hard to fully see the path ahead when you're only at the beginning. Bobby and Kaleigh give a 12 Step process of climbing the CMMC Mountain ahead. This is focused more towar...
•
Season 2
•
Episode 33
•
42:35
.png)
How to Perform a Self-Assessment w/Vince Scott
In this episode, Kaleigh Floyd, Bobby Guerra, and Vincent Scott discuss the critical aspects of self-assessments in the context of CMMC compliance. They explore the different types of self-assessments, the importance of having a System Security...
•
Season 2
•
Episode 32
•
35:23
.png)
Dr. Ron Ross Shares His Story (From the Army to NIST and Beyond)
We sat down with Dr. Ron Ross about his story and how he got to where he is today. He shares what his first job was out of the Army and his health battle while writing publications for NIST. His journey is incredibly inspiring, and we feel such...
•
Season 2
•
Episode 31
•
1:00:08
.png)
The Connection Between NIST SP 800-53 and SP 800-171
You can't have NIST SP 800-171 without the 800-53 that came before it. In today's episode, Bobby sat down with FedRAMP expert, Karen Stanford, to discuss the connection between the two publications and how you can use this to your advantage whe...
•
Season 2
•
Episode 30
•
34:20
.jpg)
The Purpose Behind SP 800-172 w/ Dr. Ron Ross
Today, Bobby and Kaleigh are joined by Dr. Ron Ross from NIST, an author of SP 800-172 and MUCH MORE. He shares the true purpose behind the document and what the new draft brings to the table. The draft was published on 11/13/24 and public comm...
•
Season 2
•
Episode 29
•
28:05
The Implementation of CMMC (4 Phase Rollout) w/ Vince Scott
In this podcast episode, Bobby Guerra, Kaleigh Floyd, and Vince Scott discuss the complexities of the Cybersecurity Maturity Model Certification (CMMC) and its phases. Vince shares his extensive background in cybersecurity, transitioning from o...
•
Season 2
•
Episode 28
•
48:00