Iniciar sesión

Climbing Mount CMMC

Climbing Mount CMMC

What Qualifies As a "Significant Change" in CMMC?

36 min · 4 de jun de 2026

Portada del episodio What Qualifies As a "Significant Change" in CMMC?

Descripción

In this episode of Climbing Mount CMMC, Bobby and Kaleigh explore the recent updates and implications of "significant changes" in the CMMC assessment process, focusing on how organizations can navigate reassessments, change management, and the role of C3PAOs. Link to 32 CFR Final Rule: Federal Register :: Cybersecurity Maturity Model Certification (CMMC) Program [https://www.federalregister.gov/documents/2024/10/15/2024-22905/cybersecurity-maturity-model-certification-cmmc-program] Link to FAQ: CYBERSECURITY MATURITY MODEL CERTIFICATION Program (CMMC) FREQUENTLY ASKED QUESTIONS [https://dodcio.defense.gov/Portals/0/Documents/CMMC/CMMC-FAQsv5.pdf] Link to Vince Scott's Article: (29) Temporary Deficiencies, Enduring Exceptions, and Operational Plans of Action: What are they and why do I care? | LinkedIn [https://www.linkedin.com/pulse/temporary-deficiencies-enduring-exceptions-plans-action-vincent-scott-epwtc/?trackingId=JPIL8fJBQ6Su09cqhu6XVA%3D%3D] Website: https://www.axiom.tech/ YouTube: https://www.youtube.com/channel/UCaJagoDasNG3MqLqw2Af_ZQ Axiom's Linkedln: https://www.linkedin.com/company/axiomtech/ [https://www.linkedin.com/company/axiomtech/] Bobby's Linkedln: https://www.linkedin.com/in/bobbyguerra/ [https://www.linkedin.com/in/bobbyguerra/] Kaleigh's Linkedln: https://www.linkedin.com/in/kaleigh-floyd-079a52190/ [https://www.linkedin.com/in/kaleigh-floyd-079a52190/]

Comentarios

0

Sé la primera persona en comentar

¡Regístrate ahora y únete a la comunidad de Climbing Mount CMMC!

Todos los episodios

124 episodios

What Qualifies As a "Significant Change" in CMMC?

In this episode of Climbing Mount CMMC, Bobby and Kaleigh explore the recent updates and implications of "significant changes" in the CMMC assessment process, focusing on how organizations can navigate reassessments, change management, and the role of C3PAOs. Link to 32 CFR Final Rule: Federal Register :: Cybersecurity Maturity Model Certification (CMMC) Program [https://www.federalregister.gov/documents/2024/10/15/2024-22905/cybersecurity-maturity-model-certification-cmmc-program] Link to FAQ: CYBERSECURITY MATURITY MODEL CERTIFICATION Program (CMMC) FREQUENTLY ASKED QUESTIONS [https://dodcio.defense.gov/Portals/0/Documents/CMMC/CMMC-FAQsv5.pdf] Link to Vince Scott's Article: (29) Temporary Deficiencies, Enduring Exceptions, and Operational Plans of Action: What are they and why do I care? | LinkedIn [https://www.linkedin.com/pulse/temporary-deficiencies-enduring-exceptions-plans-action-vincent-scott-epwtc/?trackingId=JPIL8fJBQ6Su09cqhu6XVA%3D%3D] Website: https://www.axiom.tech/ YouTube: https://www.youtube.com/channel/UCaJagoDasNG3MqLqw2Af_ZQ Axiom's Linkedln: https://www.linkedin.com/company/axiomtech/ [https://www.linkedin.com/company/axiomtech/] Bobby's Linkedln: https://www.linkedin.com/in/bobbyguerra/ [https://www.linkedin.com/in/bobbyguerra/] Kaleigh's Linkedln: https://www.linkedin.com/in/kaleigh-floyd-079a52190/ [https://www.linkedin.com/in/kaleigh-floyd-079a52190/]

4 de jun de 202636 min

What is CMMC Inheritance and How Do I Apply It? (feat. Adam Evans)

In this episode of Climbing Mount CMMC, Kaleigh speaks with Axiom's compliance officer, Adam Evans, to explore the complexities of inheritance in the context of CMMC compliance, cloud service providers, and external service providers. They discuss how inheritance works, common misconceptions, and practical tips for organizations navigating compliance assessments. Link to the CMMC Assessment Process (CAP): https://cyberab.org/Portals/0/CMMC%20Assessment%20Process%20v2.0.pdf Website: https://www.axiom.tech/ YouTube: https://www.youtube.com/channel/UCaJagoDasNG3MqLqw2Af_ZQ Axiom's Linkedln: https://www.linkedin.com/company/axiomtech/ [https://www.linkedin.com/company/axiomtech/] Bobby's Linkedln: https://www.linkedin.com/in/bobbyguerra/ [https://www.linkedin.com/in/bobbyguerra/] Kaleigh's Linkedln: https://www.linkedin.com/in/kaleigh-floyd-079a52190/ [https://www.linkedin.com/in/kaleigh-floyd-079a52190/]

28 de may de 202629 min

What is "The Game of Chicken" in CMMC? (feat. Lawrence Cruciana)

In this episode of Climbing Mount CMMC, Kaleigh and Bobby dive into a deep discussion on the complexities and challenges of achieving CMMC Level 2 certification for MSPs and OSCs with Lawrence Cruciana. They share insights on shared responsibility, operational maturity, and "the game of chicken" played between organizations in the cybersecurity compliance landscape. Lawrence's LinkedIn: Lawrence Cruciana | LinkedIn [https://www.linkedin.com/in/lawrence-cruciana/] Corporate Information Technologies Website: Corporate Information Technologies - CorpInfoTech [https://www.corp-infotech.com/] Website: https://www.axiom.tech/ YouTube: https://www.youtube.com/channel/UCaJagoDasNG3MqLqw2Af_ZQ Axiom's Linkedln: https://www.linkedin.com/company/axiomtech/ [https://www.linkedin.com/company/axiomtech/] Bobby's Linkedln: https://www.linkedin.com/in/bobbyguerra/ [https://www.linkedin.com/in/bobbyguerra/] Kaleigh's Linkedln: https://www.linkedin.com/in/kaleigh-floyd-079a52190/ [https://www.linkedin.com/in/kaleigh-floyd-079a52190/]

21 de may de 202646 min

Cyb-Her: Transitioning Your MSP to CMMC Compliance

In this episode of Cyb-Her, Kaleigh shares with Axiom employee, Maleah Adams, her journey from call coordinator to COO, speaking on her experiences in the MSP and cybersecurity space, including her work and transition to the CMMC ecosystem and her perspective as a woman in a male-dominated industry. Website: https://www.axiom.tech/ YouTube: https://www.youtube.com/channel/UCaJagoDasNG3MqLqw2Af_ZQ Axiom's Linkedln: https://www.linkedin.com/company/axiomtech/ [https://www.linkedin.com/company/axiomtech/] Bobby's Linkedln: https://www.linkedin.com/in/bobbyguerra/ [https://www.linkedin.com/in/bobbyguerra/] Kaleigh's Linkedln: https://www.linkedin.com/in/kaleigh-floyd-079a52190/ [https://www.linkedin.com/in/kaleigh-floyd-079a52190/]

14 de may de 202626 min

Working with a C3PAO (feat. Fernando Machado)

In this episode of Climbing Mount CMMC, Fernando Machado (CCA) from CyberSec Investments shares his extensive experience with Kaleigh and Bobby about the CMMC assessment process, the journey to becoming a C3PAO, and practical insights for contractors navigating the certification landscape. They discuss the phases of assessments, scoping mistakes, and how to prepare effectively. Fernando's LinkedIn: https://www.linkedin.com/in/fernando-machado-cissp-cism-cca-ccp-5b5581124/ CyberSec Investments Website: https://cybersecinvestments.com/ ND-ISAC C3PAO Shopping Guide: https://ndisac.org/defense-news/nd-isac-releases-c3pao-shopping-guide-for-small-medium-sized-businesses/ Website: https://www.axiom.tech/ YouTube: https://www.youtube.com/channel/UCaJagoDasNG3MqLqw2Af_ZQ Axiom's Linkedln: https://www.linkedin.com/company/axiomtech/ [https://www.linkedin.com/company/axiomtech/] Bobby's Linkedln: https://www.linkedin.com/in/bobbyguerra/ [https://www.linkedin.com/in/bobbyguerra/] Kaleigh's Linkedln: https://www.linkedin.com/in/kaleigh-floyd-079a52190/ [https://www.linkedin.com/in/kaleigh-floyd-079a52190/]

7 de may de 202642 min