What Qualifies As a "Significant Change" in CMMC?

A Deep Dive into Rev 3: Incident Response (feat. Adam Evans)

In this Spelunking episode of Climbing Mount CMMC, Kaleigh and Adams dive into the key differences between NIST 800-171 Rev2 and Rev3, focusing on incident response requirements for CMMC compliance. They share insights on preparing for Rev3, emphasizing 03.06's incident handling, reporting, and training strategies. Link to NIST 800-171 Rev 3: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-171r3.pdf Website: https://www.axiom.tech/ YouTube: https://www.youtube.com/channel/UCaJagoDasNG3MqLqw2Af_ZQ Axiom's Linkedln: https://www.linkedin.com/company/axiomtech/ [https://www.linkedin.com/company/axiomtech/] Bobby's Linkedln: https://www.linkedin.com/in/bobbyguerra/ [https://www.linkedin.com/in/bobbyguerra/] Kaleigh's Linkedln: https://www.linkedin.com/in/kaleigh-floyd-079a52190/ [https://www.linkedin.com/in/kaleigh-floyd-079a52190/]

What Qualifies As a "Significant Change" in CMMC?

In this episode of Climbing Mount CMMC, Bobby and Kaleigh explore the recent updates and implications of "significant changes" in the CMMC assessment process, focusing on how organizations can navigate reassessments, change management, and the role of C3PAOs. Link to 32 CFR Final Rule: Federal Register :: Cybersecurity Maturity Model Certification (CMMC) Program [https://www.federalregister.gov/documents/2024/10/15/2024-22905/cybersecurity-maturity-model-certification-cmmc-program] Link to FAQ: CYBERSECURITY MATURITY MODEL CERTIFICATION Program (CMMC) FREQUENTLY ASKED QUESTIONS [https://dodcio.defense.gov/Portals/0/Documents/CMMC/CMMC-FAQsv5.pdf] Link to Vince Scott's Article: (29) Temporary Deficiencies, Enduring Exceptions, and Operational Plans of Action: What are they and why do I care? | LinkedIn [https://www.linkedin.com/pulse/temporary-deficiencies-enduring-exceptions-plans-action-vincent-scott-epwtc/?trackingId=JPIL8fJBQ6Su09cqhu6XVA%3D%3D] Website: https://www.axiom.tech/ YouTube: https://www.youtube.com/channel/UCaJagoDasNG3MqLqw2Af_ZQ Axiom's Linkedln: https://www.linkedin.com/company/axiomtech/ [https://www.linkedin.com/company/axiomtech/] Bobby's Linkedln: https://www.linkedin.com/in/bobbyguerra/ [https://www.linkedin.com/in/bobbyguerra/] Kaleigh's Linkedln: https://www.linkedin.com/in/kaleigh-floyd-079a52190/ [https://www.linkedin.com/in/kaleigh-floyd-079a52190/]

What is CMMC Inheritance and How Do I Apply It? (feat. Adam Evans)

In this episode of Climbing Mount CMMC, Kaleigh speaks with Axiom's compliance officer, Adam Evans, to explore the complexities of inheritance in the context of CMMC compliance, cloud service providers, and external service providers. They discuss how inheritance works, common misconceptions, and practical tips for organizations navigating compliance assessments. Link to the CMMC Assessment Process (CAP): https://cyberab.org/Portals/0/CMMC%20Assessment%20Process%20v2.0.pdf Website: https://www.axiom.tech/ YouTube: https://www.youtube.com/channel/UCaJagoDasNG3MqLqw2Af_ZQ Axiom's Linkedln: https://www.linkedin.com/company/axiomtech/ [https://www.linkedin.com/company/axiomtech/] Bobby's Linkedln: https://www.linkedin.com/in/bobbyguerra/ [https://www.linkedin.com/in/bobbyguerra/] Kaleigh's Linkedln: https://www.linkedin.com/in/kaleigh-floyd-079a52190/ [https://www.linkedin.com/in/kaleigh-floyd-079a52190/]

What is "The Game of Chicken" in CMMC? (feat. Lawrence Cruciana)

In this episode of Climbing Mount CMMC, Kaleigh and Bobby dive into a deep discussion on the complexities and challenges of achieving CMMC Level 2 certification for MSPs and OSCs with Lawrence Cruciana. They share insights on shared responsibility, operational maturity, and "the game of chicken" played between organizations in the cybersecurity compliance landscape. Lawrence's LinkedIn:  Lawrence Cruciana | LinkedIn [https://www.linkedin.com/in/lawrence-cruciana/] Corporate Information Technologies Website: Corporate Information Technologies - CorpInfoTech [https://www.corp-infotech.com/] Website: https://www.axiom.tech/ YouTube: https://www.youtube.com/channel/UCaJagoDasNG3MqLqw2Af_ZQ Axiom's Linkedln: https://www.linkedin.com/company/axiomtech/ [https://www.linkedin.com/company/axiomtech/] Bobby's Linkedln: https://www.linkedin.com/in/bobbyguerra/ [https://www.linkedin.com/in/bobbyguerra/] Kaleigh's Linkedln: https://www.linkedin.com/in/kaleigh-floyd-079a52190/ [https://www.linkedin.com/in/kaleigh-floyd-079a52190/]

Cyb-Her: Transitioning Your MSP to CMMC Compliance

In this episode of Cyb-Her, Kaleigh shares with Axiom employee, Maleah Adams, her journey from call coordinator to COO, speaking on her experiences in the MSP and cybersecurity space, including her work and transition to the CMMC ecosystem and her perspective as a woman in a male-dominated industry. Website: https://www.axiom.tech/ YouTube: https://www.youtube.com/channel/UCaJagoDasNG3MqLqw2Af_ZQ Axiom's Linkedln: https://www.linkedin.com/company/axiomtech/ [https://www.linkedin.com/company/axiomtech/] Bobby's Linkedln: https://www.linkedin.com/in/bobbyguerra/ [https://www.linkedin.com/in/bobbyguerra/] Kaleigh's Linkedln: https://www.linkedin.com/in/kaleigh-floyd-079a52190/ [https://www.linkedin.com/in/kaleigh-floyd-079a52190/]