Description

In this episode of Cherry Bekaert’s GovCon podcast, Neal Beggan is joined by cybersecurity professionals Steven Ursillo and Brian Kirk for a comprehensive deep dive into the current state of Cybersecurity Maturity Model Certification (CMMC) compliance. 

They discuss how 48 CFR will reshape the enforcement of cybersecurity requirements in government contracts. This episode breaks down what the 48 CFR rule means, how it connects to DFARS and 32 CFR, and what contractors should be doing now to stay ahead of the rollout.

Listen to learn more about:

• The definition of CMMC and why it matters
• An overview of CFR 48
• CFR 48 timeline and rollout
• Potential readiness and compliance challenges and how to overcome them
• Action items to prepare for CFR 48

The conversation includes:

• 0:37 – Introduction to CMMC: What It Is and Why It Matters
• 4:32 – Finalization of the 48 CFR Rule
• 12:50 – Challenges, Obstacles & Pain Points in Readiness and Certification
• 27:16 – Operational Challenges, GRC Tools and Assessment Readiness Tips
• 32:19 – Ecosystem Growth & Capacity
• 35:22 – Key Takeaways & Action Items
• 37:42 – Upcoming Events & Learning Opportunities

POCs

Steve Ursillo, Partner

Brian Kirk, Senior Manager

Related Insights:

• Article | DoD CMMC Requirements: A Guide for Defense Contractors
• Article | Cybersecurity Maturity Model Certification (CMMC): Compliance Process & FAQs

View all Government Contracting Podcasts