Look for any podcast host, guest or anyone
Showing episodes and shows of

Bobby Guerra

Shows

Climbing Mount CMMC
Climbing Mount CMMCInside the CCP Course as a CMMC BeginnerIn this episode, Bobby interviews Axiom's Marketing Coordinator, Maleah Adams, about her experience taking the CCP (CMMC Certified Professional) course. In a brief conversation, they touch on what CMMC looks like from a beginner's perspective and how the CCP course helped shaped that knowledge. She shares what surprised her, what concepts were easier to grasp than expected, and how the training gave her a clearer picture of why compliance matters not just for IT teams but for an entire organization. If you've ever wondered what the first steps into CMMC look like or how the CCP course can build...
2025-12-0420 minClimbing Mount CMMC
Climbing Mount CMMCWhat to Expect from a CMMC AssessmentThis webinar discussion provides an in-depth exploration of the CMMC Level 2 assessment process, including the phases of assessment, methodologies, and the importance of media sanitization and risk assessments. The speakers share their experiences and insights, emphasizing the need for thorough preparation and understanding of compliance requirements to ensure successful outcomes in assessments. Bobby and Kaleigh walk listeners through the nuances of a CMMC mock assessment and give a glimpse into what you can expect on assessment day. Website: https://www.axiom.tech/YouTube: https://www.youtube.com/channel/UCaJagoDasNG3MqLqw2A...
2025-11-1345 minClimbing Mount CMMC
Climbing Mount CMMCThe Best Way to Be CMMC-Rollout ReadyIn this episode, Kaleigh Floyd, Bobby Guerra, and Vincent Scott discuss the upcoming rollout of the Cybersecurity Maturity Model Certification (CMMC) and the challenges facing the defense industrial base. They explore the readiness of organizations seeking certification, the role of implementers, and the potential impact on major defense systems. The conversation emphasizes the importance of preparation and accountability in achieving cybersecurity goals while addressing the complexities of the CMMC implementation process.Vincent Scott's Linkedln: https://www.linkedin.com/in/vincent-scott-cybersecurity/Defense Cyber Security Website: https://www.cybersecgru.com/Website: https://www.axiom.tech/
2025-11-0657 minClimbing Mount CMMC
Climbing Mount CMMCWhat Does NIST 800-171 Look Like in Action?In this episode, Kaleigh Floyd and Bobby Guerra discuss the complexities of CMMC compliance, focusing on NIST 800-171 controls, self-assessments, risk reviews, change management, and the importance of tools in the compliance process. They emphasize the challenges faced by Managed Service Providers (MSPs) in navigating these requirements and the need for proactive communication with clients to manage expectations and ensure successful compliance.Isabel Rivera's Linkedln: https://www.linkedin.com/in/isabel-rivera-8a7565148/Website: https://www.axiom.tech/YouTube: https://www.youtube.com/channel/UCaJagoDasNG3MqLqw2Af_ZQ Axiom's Linkedln...
2025-10-2344 minClimbing Mount CMMC
Climbing Mount CMMCHow to Avoid a "Not Met" During a CMMC AssessmentIn this episode, Kaleigh and Bobby discuss the intricacies of the CMMC Level 2 assessment process, focusing on what to do when faced with a 'not met' status. They explore preparation strategies, the role of assessors, the implications of minor and major changes during assessments, and the importance of communication with clients. The conversation also covers the 10-day reevaluation period, the 180-day remediation process, and the appeal options available to organizations. Throughout the discussion, they emphasize the need for thorough preparation and understanding of the assessment landscape to navigate the challenges effectively.Website: https://www.axiom.tech/...
2025-10-1652 minClimbing Mount CMMC
Climbing Mount CMMCShould I Go Through CMMC With My MSP?In this episode, Kaleigh Floyd and Bobby Guerra discuss the complexities of navigating CMMC Level 2 certification and assessments, particularly focusing on the role of Managed Service Providers (MSPs). They explore the challenges faced by small MSPs, the importance of documentation, and the intricacies of the assessment process. The conversation emphasizes the need for MSPs to be well-prepared and knowledgeable to effectively support their clients in achieving compliance.Website: https://www.axiom.tech/YouTube: https://www.youtube.com/channel/UCaJagoDasNG3MqLqw2Af_ZQ Axiom's Linkedln: https://www.linkedin.com/company/axiomtech/ Bobby's Linkedln...
2025-10-0943 minClimbing Mount CMMC
Climbing Mount CMMCCracking the Code of Vulnerability ManagementIn this episode of Climbing Mount CMMC, Kaleigh and Bobby delve into the intricacies of vulnerability scanning, particularly in the context of CMMC Level 2 compliance for Managed Service Providers (MSPs). They discuss the challenges of vulnerability management, the importance of selecting appropriate tools, and the complexities involved in implementing effective scanning processes. The conversation emphasizes the need for clear documentation, continuous monitoring, and proactive maintenance strategies to ensure compliance and security. The hosts also highlight the significance of preparing for audits and the necessity of adapting to evolving requirements in the cybersecurity landscape.Website: https://www.axiom...
2025-10-0235 minClimbing Mount CMMC
Climbing Mount CMMCUnderstanding the Language of CMMC AssessorsIn this episode, Bobby and Kaleigh discuss the complexities of navigating the Defense Industrial Base (DIB) space, particularly focusing on the Cybersecurity Maturity Model Certification (CMMC) assessments. They explore the challenges faced by organizations in understanding and complying with CMMC requirements, the importance of effective communication with C3PAOs, and the necessity of thorough preparation for assessments. The conversation emphasizes the need for organizations to align their practices with C3PAOs and to be proactive in their compliance efforts to avoid costly failures during audits.Axiom's Linkedln: https://www.linkedin.com/company/axiomtech/
2025-09-2537 minClimbing Mount CMMC
Climbing Mount CMMCA Deep Dive Into 48 CFR and How Organizations Can Prepare48 CFR IS HERE! And we have a lot to talk about. In this episode, Bobby and Kaleigh discuss the recent release of 48 CFR and its implications for contractors and subcontractors working with the Department of Defense (War). They explore the significance of the new regulations, the phased rollout strategy, and the importance of CMMC unique identifiers (UIDs). The conversation highlights the risks associated with non-compliance and the need for contractors to be proactive in preparing for the upcoming changes. The hosts emphasize the urgency for subcontractors to align with prime contractors' requirements and the potential consequences of o...
2025-09-1839 minClimbing Mount CMMC
Climbing Mount CMMCWhat Every Organization Needs to Know About Data FlowIn this episode, Kaleigh and Bobby discuss the critical role of data flow diagrams in system security plans, particularly in the context of CMMC compliance. They explore the importance of understanding data flow, identifying sources and users, and ensuring proper sanitization of controlled unclassified information (CUI). The conversation emphasizes the need for organizations to be aware of how data flows through their systems and the implications for security and compliance. Axiom's Linkedln: https://www.linkedin.com/company/axiomtech/Website: https://www.axiom.tech/YouTube: https://www.youtube.com/channel/UCaJagoDasNG3MqLqw2A...
2025-09-1134 minClimbing Mount CMMC
Climbing Mount CMMCHow the CRM Powers CMMC ComplianceIn this episode, Kaleigh and Bobby delve into the intricacies of Customer Responsibility Matrices (CRMs) within the context of CMMC compliance. They discuss the importance of having a well-defined CRM, the relationship between CRMs and service agreements, and how these elements play a crucial role in assessments. The conversation emphasizes the need for clarity in responsibilities, the role of Managed Service Providers (MSPs), and the expectations of auditors. The hosts provide insights on how to effectively create and utilize CRMs to ensure compliance and avoid potential pitfalls during assessments.32 CFR: https://www.govinfo.gov/content/pkg/FR-2024...
2025-09-0436 minClimbing Mount CMMC
Climbing Mount CMMCBreaking Down the CMMC System Security PlanThis protips podcast episode is extra special! It includes clips from our webinar delving into the intricacies of system security plans (SSPs), emphasizing their critical role in organizational security and compliance with NIST 800.171 and CMMC standards. The discussion covers the importance of scoping, defining system boundaries, managing data flow, and detailing security controls. It also highlights the necessity of well-defined policies and procedures, as well as the clear outlining of user roles and responsibilities. We share insights on building comprehensive SSPs, the challenges faced by Managed Service Providers (MSPs), and the importance of documentation management in maintaining effective security...
2025-08-2846 minClimbing Mount CMMC
Climbing Mount CMMCCMMC Implementation from a Contractor's PerspectiveIn this episode, Kaleigh interviews Dy Edington, the Director of Information Security at AV (formally BlueHalo), about her journey through the CMMC Level 2 assessment. Dy shares insights on the importance of leadership buy-in, team collaboration, and the challenges faced during implementation. She emphasizes the significance of documentation, training, and continuous improvement in maintaining compliance. She also offers valuable advice for those starting their CMMC journey, highlighting the need for communication and understanding across all departments.Dy Edington's Linkedln: https://www.linkedin.com/in/dy-edington/AV Website: https://www.avinc.com/Axiom's Linkedln: https...
2025-08-2133 minClimbing Mount CMMC
Climbing Mount CMMCWhat Is a POA&M? (And What It Isn't)In this first episode of Season 4 of Climbing Mount CMMC, Bobby and Kaleigh discuss the intricacies of Plans of Action and Milestones (POA&Ms) in the context of compliance with CMMC and NIST standards. They explore the historical misuse of POA&Ms, the new regulations that have been implemented, and the importance of creating effective POA&Ms. The conversation also touches on the role of operational plans of action (OPAs) and the implications of involving external service providers in the remediation process. The episode concludes with insights on navigating changes in compliance and assessments....
2025-08-1423 minClimbing Mount CMMC
Climbing Mount CMMCAre You Wasting Your Time With CMMC?*Spoiler Alert* CMMC is real and it's happening right now.In this episode, Kaleigh Floyd and Bobby Guerra discuss the critical aspects of CMMC compliance for contractors, addressing common questions and concerns. They explore the differences between CMMC Level 1 and Level 2, the importance of legal guidance, and the necessity of understanding controlled unclassified information (CUI). The conversation emphasizes the need for proactive planning, leadership buy-in, and the creation of a Plan of Action and Milestones (PoAM) to ensure successful compliance. They also touch on the implications of NIST 800-171 Rev 3 and the risks associated with d...
2025-07-2435 minClimbing Mount CMMC
Climbing Mount CMMC5 Things We Would Change About CMMCIn this episode, Bobby and Kaleigh discuss five significant changes they believe could be made to the CMMC ecosystem. They explore the thought of C3PAOs to providing recommendations after assessments, the possibility of allowing organizations to pass with a score of 88, and the importance of having a C3PAO assessment process for MSPs. They also emphasize the need for yearly reviews instead of full assessments and the challenges posed by FIPS regulations. The conversation highlights the importance of flexibility and clarity in the certification process. Just a reminder that no one is claiming CMMC Jesus in this episode...
2025-07-1731 minClimbing Mount CMMC
Climbing Mount CMMCEverything You Need to Know About CMMC ImplementationIn this episode, Kaleigh Floyd and Bobby Guerra discuss the complexities of adopting CMMC (Cybersecurity Maturity Model Certification) from both the MSP and client perspectives. They explore the challenges organizations face in implementing CMMC, the importance of client education, and the need for a structured approach to change management. The conversation emphasizes the necessity of leadership buy-in and the scalability of processes to ensure compliance without compromising efficiency. The hosts also highlight the ongoing nature of refining CMMC processes within MSPs and the importance of continuous improvement in this area.Axiom's Linkedln: https://www.linkedin.com/company...
2025-07-1030 minClimbing Mount CMMC
Climbing Mount CMMCHow to Build Your CMMC Documents the RIGHT WayIn this episode, Kaleigh and Bobby discuss the complexities of CMMC documentation with Tom Conkle from Optic Cyber Solutions. They explore the challenges of writing effective System Security Plans (SSPs) and Customer Responsibility Matrices (CRMs), emphasizing the importance of viewing these documents as management tools rather than mere compliance checkboxes. The conversation highlights common pitfalls organizations face, the significance of clear communication between service providers and clients, and practical tips for creating effective documentation that enhances cybersecurity practices.Tom Conkle on Linkedln: https://www.linkedin.com/in/tomconkle/Kelly Hood on Linkedln: https://www.linkedin.com...
2025-07-0336 minClimbing Mount CMMC
Climbing Mount CMMCCMMC Inheritance: Which Controls am I Responsible for?In this episode, Kaleigh Floyd and Bobby Guerra delve into the complexities of inheritance within the CMMC framework, particularly focusing on the role of external service providers (ESPs) and the responsibilities of organizations seeking assessment (OSA). They discuss the importance of system security plans, the nuances of the CMMC assessment process, and the challenges faced by managed service providers (MSPs) in navigating inheritance claims. The conversation emphasizes the need for clarity in responsibilities and the potential benefits and limitations of inheriting controls from ESPs. In this conversation, Kaleigh Floyd and Bobby Guerra delve into the complexities of CMMC compliance...
2025-06-2643 minClimbing Mount CMMC
Climbing Mount CMMCThe Importance of Scalability as a Service ProviderIn this episode, Kaleigh and Bobby discuss the complexities of scaling CMMC for Managed Service Providers (MSPs). They explore the challenges of compliance, the importance of tools, and the necessity of having structured operational and sales strategies. The conversation also delves into the 'Four Horsemen' of compliance, which are critical for maintaining security and compliance standards. Finally, they emphasize the importance of ongoing maintenance and the long-term scalability of CMMC processes for MSPs.Website: https://www.axiom.tech/YouTube: https://www.youtube.com/channel/UCaJagoDasNG3MqLqw2Af_ZQ Axiom's Linkedln: https://www.linkedin.com...
2025-06-1923 minClimbing Mount CMMC
Climbing Mount CMMCMarketing in the CMMC Industry As an MSPIn this episode, Bobby and Kaleigh discuss the challenges and strategies of marketing within the CMMC space. Kaleigh shares her journey of transitioning into this niche market, emphasizing the importance of building a reputation, understanding client needs, and maintaining transparency throughout the sales process. They explore the significance of effective communication, the necessity of educating clients about CMMC, and the balance between being sympathetic and correcting misconceptions. The conversation highlights the need for managed service providers to be proactive and knowledgeable in their approach to CMMC compliance.Website: https://www.axiom.tech/YouTube: https://www.youtube...
2025-06-1230 minClimbing Mount CMMC
Climbing Mount CMMCBreaking Down the Roles in CMMC CertificationsIn this episode, Bobby and Kaleigh explore the CyberAB ecosystem, focusing on the various roles and certifications within the CMMC framework. They discuss the importance of understanding the distinctions between Registered Practitioners (RP), Registered Practitioner Organizations (RPO), CMMC Certified Professionals (CCP), and CMMC Certified Assessors (CCA). The conversation also highlights the role of C3PAOs in conducting assessments and the significance of external service providers in the certification process. The hosts emphasize the need for organizations to navigate these certifications effectively to ensure compliance and security in the cybersecurity landscape.Axiom's Linkedln: https://www.linkedin.com/company...
2025-06-0530 minClimbing Mount CMMC
Climbing Mount CMMCThe CMMC Compliance Sidekick You Didn't Know You HadIn this episode of Climbing Mount CMMC, hosts Kaleigh Floyd and Bobby Guerra delve into the intricacies of Customer Responsibility Matrices (CRMs) and their significance in CMMC compliance. They discuss the definition of CRMs, their importance in defining responsibilities between customers and service providers, and the essential components needed to create an effective CRM. The conversation emphasizes the need for clarity in responsibilities, the connection to NIST 800-171 controls, and the importance of understanding vendor relationships in the context of cybersecurity compliance.Optic Cyber Solutions CRM Template: MSP-customer-responsibility-matrix-template 1.xlsxKelly Hood: (9) Kelly...
2025-05-2217 minClimbing Mount CMMC
Climbing Mount CMMCFather/Daughter Duos Discuss the Evolving Landscape of CybersecurityIn this episode of Climbing Mount CMMC, hosts Kaleigh Floyd and Bobby Guerra engage with Chris and Hannah Silvers, a father-daughter duo from CG Silver's Consulting. They discuss their journey in the cybersecurity field, the challenges and dynamics of CMMC, and the importance of community and collaboration in navigating this complex landscape. The conversation highlights the unique challenges faced by MSPs in adapting to CMMC requirements and the evolving nature of their business dynamics. The episode also touches on the intricacies of the sales process in CMMC consulting, emphasizing the need for education and understanding in client relationships. In...
2025-05-1548 minClimbing Mount CMMC
Climbing Mount CMMCHow to Choose the Right MSP and Avoid a False StartIn this episode, Kaleigh Floyd and Bobby Guerra discuss the critical issue of false starts in CMMC assessments, emphasizing the importance of proper documentation and preparation. They explore the phases of CMMC assessments, the consequences of failing to meet requirements, and the necessity of seeking help from consultants. The conversation highlights the significance of mock assessments and understanding the roles of external service providers in the assessment process. The hosts provide practical advice for avoiding false starts and ensuring a successful assessment journey.Website: https://www.axiom.tech/YouTube: https://www.youtube.com/channel/UCaJagoDasNG3MqLqw2...
2025-05-0831 minClimbing Mount CMMC
Climbing Mount CMMCSecuring Custom Software: Documenting Software Security Controls for CMMC ComplianceIn this episode, Kaleigh and Bobby welcome back Kyle Lai to discuss the challenges and insights surrounding C3PAOs and the CMMC framework. They explore Kyle's journey into the C3PAO space, the current state of audits, and the importance of software development in compliance. The conversation highlights the need for collaboration between IT and software development teams, the significance of understanding controlled unclassified information (CUI), and the challenges faced during assessments. Kyle shares valuable insights on vulnerability management, the impact of open-source software, and strategies for leveraging existing platforms to ease compliance efforts. The episode concludes with a...
2025-05-0141 minClimbing Mount CMMC
Climbing Mount CMMCUnderstanding CMMC Audits with a Lead AssessorIn this episode of CybHer, Kaleigh Floyd interviews Jil Wright, president of Wrightbrained Security, discussing her extensive experience in IT and the CMMC space. They explore the challenges of cybersecurity assessments, the importance of documentation, and the evolving role of women in the tech industry. Jil shares insights on the necessity of evidence in assessments, the significance of mentorship, and the need for companies to prepare adequately for CMMC compliance. The conversation highlights the importance of collaboration and the unique challenges faced by women in cybersecurity.Jil's Linkedln: https://www.linkedin.com/in/itjil/ ...
2025-04-2436 minClimbing Mount CMMC
Climbing Mount CMMCUnderstanding Your Contracts' CMMC Requirements: A 32 CFR BreakdownIn this episode of Climbing Mount CMMC, Kaleigh and Bobby discuss the 32 CFR final rule and its implications for contractors and subcontractors in the defense industry. They delve into the history and importance of Controlled Unclassified Information (CUI), the requirements for achieving CMMC compliance, and the significance of DFARS clauses. The conversation also covers the challenges of creating a System Security Plan (SSP), the importance of scoping, and the flow-down requirements for subcontractors. The episode emphasizes the urgency for contractors to prepare for CMMC assessments and the potential consequences of non-compliance.Website: https...
2025-04-1736 minClimbing Mount CMMC
Climbing Mount CMMCCreating CMMC Documentation and Choosing the Right ConsultantIn this episode, Kaleigh Floyd interviews Kelly Hood from Optic Cyber Solutions, discussing her journey into the CMMC space, the challenges faced in consulting, and the importance of effective documentation. They explore the significance of the Customer Responsibility Matrix (CRM) and System Security Plan (SSP), as well as the NIST Cybersecurity Framework (CSF) and its connection to CMMC compliance. Kelly shares insights on navigating compliance requirements and the need for clarity in communication, emphasizing that while the journey may be complex, it is achievable with the right approach and mindset.Optic Cyber Solutions: www.OpticCyber.com  
2025-04-1034 minClimbing Mount CMMC
Climbing Mount CMMCNavigating Vendor Challenges in CMMC ComplianceIn this episode, Bobby Guerra and Kaleigh Floyd discuss the evolving landscape of vendors in the CMMC space, focusing on the challenges and considerations for Managed Service Providers (MSPs) when integrating cloud solutions. They explore the implications of using tools like Huntress and Ninja One, the importance of compliance with regulations, and the role of auditors in ensuring data protection. The conversation emphasizes the need for thorough documentation, understanding the capabilities of tools, and the necessity of maintaining high standards to protect clients' interests.Website: https://www.axiom.tech/YouTube: https://www.youtube.com/channel/UCaJagoDasNG3...
2025-04-0336 minClimbing Mount CMMC
Climbing Mount CMMCNavigating CMMC: Internal IT ChallengesIn this episode, Kaleigh Floyd and Bobby Guerra discuss the challenges and considerations for internal IT staff tasked with achieving CMMC compliance. They explore the importance of knowledge, leadership buy-in, and organizational maturity in successfully navigating the CMMC process. The conversation emphasizes the need for collaboration between internal teams and managed service providers (MSPs) to effectively implement necessary controls and policies. Additionally, they highlight the risks associated with non-compliance and the importance of legal counsel in ensuring proper adherence to regulations.Website: https://www.axiom.tech/YouTube: https://www.youtube.com/channel/UCaJagoDasNG3MqLqw2Af_ZQ
2025-03-2724 minClimbing Mount CMMC
Climbing Mount CMMCWhen Will CMMC Affect My Business? (Phase Rollout and Memo)In this conversation, Bobby Guerra and Ryan Bonner discuss the evolving landscape of the CMMC ecosystem, focusing on the implications of a recent memo from the DOD. They explore the roles of program managers, the importance of understanding CUI, and the challenges faced by contractors and MSPs in achieving compliance. The discussion emphasizes the need for proactive strategies and the potential impact of these changes on the defense industrial base.Ryan's CS2 Session: https://www.youtube.com/watch?v=IEy-TkmKMt8Ryan's LinkedIn: https://www.linkedin.com/in/rybonner/Key Takeaways:-The recent DOD...
2025-03-2045 minClimbing Mount CMMC
Climbing Mount CMMCUnderstanding Export Controls with a Regulatory AttorneyIn this conversation, Bailey Reichelt, a trade and regulatory attorney, discusses the complexities of export controls and their implications for businesses in the aerospace and defense sectors. She emphasizes the importance of understanding export regulations, common misconceptions, and the need for compliance programs. Bailey also shares insights on engaging with regulatory attorneys, the costs involved, and real-world examples of navigating export compliance challenges. The discussion highlights the significance of integrating export compliance into existing workflows and the ongoing journey of maintaining compliance in a changing regulatory landscape.Bailey's Talk at CS2: Practical ITAR Skills for Businesses
2025-03-1333 minClimbing Mount CMMC
Climbing Mount CMMCMSP Owners Share Their CMMC Journeys to Level 2In this episode of Climbing Mounts CMMC, hosts Kaleigh Floyd and Bobby Guerra welcome Andy Sauer from Sentinel Blue. They discuss the challenges and experiences of navigating CMMC compliance as managed service providers (MSPs). The conversation covers the entrepreneurial journey, the importance of leadership and scaling in MSPs, and the preparation required for assessments. They also touch on the future of CMMC and the evolving landscape for MSPs, emphasizing the need for certification and proactive engagement with clients.Website: https://www.axiom.tech/YouTube: https://www.youtube.com/channel/UCaJagoDasNG3MqLqw2Af_ZQ Axiom's...
2025-03-0642 minClimbing Mount CMMC
Climbing Mount CMMC5 Questions to Ask BEFORE Choosing an MSP for CMMCIn this episode, Kaleigh Floyd and Bobby Guerra discuss the critical considerations for OSCs choosing an MSP for their CMMC journey and Managed Service Providers (MSPs) contemplating CMMC Level 2 certification. They explore the importance of selecting a qualified MSP, the preparation required for assessments, the necessity of proper documentation, and the implications of client agreements. The conversation emphasizes the mindset needed for MSPs to effectively support their clients through the certification process, highlighting the potential risks of inadequate preparation and the benefits of a committed approach.Website: https://www.axiom.tech/YouTube: https://www.youtube.com...
2025-02-2729 minClimbing Mount CMMC
Climbing Mount CMMCWe Went Through Our CMMC Assessment (What we learned)Axiom passed their assessment! In this episode, Kaleigh Floyd, Bobby Guerra, and Adam Evans discuss their journey to passing a CMMC Level 2 assessment. They share insights from their mock and real assessments, the challenges they faced, and the importance of preparation and self-assessment. The conversation highlights the role of auditors, handling findings, and the continuous nature of compliance in cybersecurity. In this conversation, Axiom discusses their experiences and challenges in achieving a CMMC certification as Managed Service Providers (MSPs). They reflect on the emotional and logistical hurdles faced during the assessment process, the importance of adapting their systems to...
2025-02-2049 minClimbing Mount CMMC
Climbing Mount CMMCThe Mission Behind CMMC from Three Perspectives: C3PAO, MSP, and VendorKaleigh Floyd hosts three prominent women in the CMMC ecosystem: Joy Beland, Amy Williams, and Carley Salmon. They discuss their backgrounds, the importance of cybersecurity compliance, and the evolving landscape of CMMC. Each guest shares their personal motivations for working in this field, highlighting the mission-driven nature of their roles. The conversation also touches on the shift in how organizations view cybersecurity, moving from a cost center to a strategic imperative, especially in light of recent regulatory changes. As they look ahead to 2025, the experts emphasize the urgency for companies to prepare for compliance and the challenges they face...
2025-02-1850 minClimbing Mount CMMC
Climbing Mount CMMCHow to Create a System Security Plan for CMMC Level 2Are you starting your CMMC and don't know where to begin? Let's talk about the foundation of your control implementation, which is the System Security Plan. This is not only critical to your business's compliance journey, but it's also a requirement for CMMC Level 2. Adam Evans, Axiom's Compliance Officer, shares what an SSP is and how he created theirs.Website: https://www.axiom.tech/YouTube: https://www.youtube.com/channel/UCaJagoDasNG3MqLqw2Af_ZQ Axiom's Linkedln: https://www.linkedin.com/company/axiomtech/ Bobby's Linkedln: https://www.linkedin.com/in/bobbyguerra/ ...
2025-02-1339 minClimbing Mount CMMC
Climbing Mount CMMCWhat Does a CMMC Agreement Look Like? (And why have it?)In this conversation, Bobby Guerra and Kaleigh Floyd discuss the critical role of agreements in the CMMC compliance journey. They emphasize the importance of well-structured agreements to mitigate risks and ensure clarity in responsibilities between Managed Service Providers (MSPs) and their clients. The discussion covers various aspects, including the significance of service level agreements, guarantees, handling assessment failures, exit strategies, and preparing for changes in requirements. The conversation aims to equip business owners and leaders with insights to navigate the complexities of CMMC compliance effectively.Website: https://www.axiom.tech/YouTube: https://www.youtube.com/channel...
2025-02-0623 minClimbing Mount CMMC
Climbing Mount CMMCBecoming an Authorized C3PAO with Koren Wise (Women in CMMC)(CybHER: Women in CMMC) In this inaugural episode of CybHER: Women in CMMC, Kaleigh Floyd and Koren Wise discuss the significant contributions of women in the CMMC ecosystem. Koren shares her journey from being a network engineer to becoming a licensed training provider and C3PAO. The conversation delves into the challenges and cultural shifts within organizations as they adapt to CMMC standards, the importance of training, and the balance between motherhood and a demanding career in cybersecurity. Koren emphasizes the resilience and capabilities that motherhood brings to professional life, and they both celebrate the increasing presence of women...
2025-02-0431 minClimbing Mount CMMC
Climbing Mount CMMCThe Assessment Tango (How to speak during a CMMC assessment)Have you ever wondered what it's truly like in a CMMC assessment? Maybe you've thought about how to speak to an assessor or who needs to speak during certain controls. During this episode, we talk about Bobby's experience and how he prepared himself. Your SSP is your script, read from it.Website: https://www.axiom.tech/YouTube: https://www.youtube.com/channel/UCaJagoDasNG3MqLqw2Af_ZQ Axiom's Linkedln: https://www.linkedin.com/company/axiomtech/ Bobby's Linkedln: https://www.linkedin.com/in/bobbyguerra/ Kaleigh's Linkedln: https://www.linkedin.com/in/kaleigh-floyd-079...
2025-01-3025 minClimbing Mount CMMC
Climbing Mount CMMCCan You Fix Your CMMC Assessment Score?It's important to be fully prepared for a CMMC assessment by a C3PAO, but what if your humanity kicks in? There is an opportunity to gather more information for your assessor if they allow the re-evaluation. Let's talk about it!Website: https://www.axiom.tech/YouTube: https://www.youtube.com/channel/UCaJagoDasNG3MqLqw2Af_ZQ Axiom's Linkedln: https://www.linkedin.com/company/axiomtech/ Bobby's Linkedln: https://www.linkedin.com/in/bobbyguerra/ Kaleigh's Linkedln: https://www.linkedin.com/in/kaleigh-floyd-079a52190/
2025-01-2324 minClimbing Mount CMMC
Climbing Mount CMMCWhat Does CMMC Readiness Look Like?In this episode, Kaleigh Floyd and Bobby Guerra discuss what CMMC readiness looks like, focusing on the necessary steps for organizations and Managed Service Providers (MSPs) to prepare for compliance. They emphasize the importance of having a solid system security plan, understanding the roles of MSPs, and the need for clear communication and documentation throughout the process. The conversation also highlights the challenges faced by smaller businesses in navigating CMMC requirements and the critical role of MSPs in supporting their clients through this journey.Website: https://www.axiom.tech/YouTube: https://www.youtube.com/channel/UCaJagoDasNG3...
2025-01-1643 minClimbing Mount CMMC
Climbing Mount CMMCHow We Prepared for Our CMMC Assessment(Season Three Episode 1) It's less than 30 days from our CMMC Level 2 assessment and our MSP has done A LOT of preparation. We'd love to share our experience with all of you. We prepared our MSP to not only service ourselves, but also our clients. Axiom's goal is to be open and transparent with our audience and we hope you all get a lot from this episode.Website: https://www.axiom.tech/YouTube: https://www.youtube.com/channel/UCaJagoDasNG3MqLqw2Af_ZQ Axiom's Linkedln: https://www.linkedin.com/company/axiomtech/ Bobby's Linkedln: https...
2025-01-0237 minClimbing Mount CMMC
Climbing Mount CMMCHow to Climb Mount CMMC (for MSPs and SMBs)You're a business that has two options: Commercial or CMMC?It's hard to fully see the path ahead when you're only at the beginning. Bobby and Kaleigh give a 12 Step process of climbing the CMMC Mountain ahead. This is focused more towards MSPs, but any business, especially SMBs, can get a lot out of this.We hope you enjoy this final episode of Season Two! Stay tuned for Season Three in two weeks.Website: https://www.axiom.tech/YouTube: https://www.youtube.com/channel/UCaJagoDasNG3MqLqw2Af_ZQ Axiom's Linkedln...
2024-12-1242 minClimbing Mount CMMC
Climbing Mount CMMCHow to Perform a Self-Assessment w/Vince ScottIn this episode, Kaleigh Floyd, Bobby Guerra, and Vincent Scott discuss the critical aspects of self-assessments in the context of CMMC compliance. They explore the different types of self-assessments, the importance of having a System Security Plan (SSP), and practical strategies for conducting effective self-assessments. The conversation emphasizes the need for thorough preparation, understanding assessment objectives, and the necessity of collecting evidence to support self-assessment scores. The episode also highlights the importance of continuous monitoring and the use of self-assessment tools to streamline the process.Website: https://www.axiom.tech/YouTube: https://www.youtube.com/channel...
2024-12-0535 minClimbing Mount CMMC
Climbing Mount CMMCDr. Ron Ross Shares His Story (From the Army to NIST and Beyond)We sat down with Dr. Ron Ross about his story and how he got to where he is today. He shares what his first job was out of the Army and his health battle while writing publications for NIST. His journey is incredibly inspiring, and we feel such gratitude to be able to share this with all of you.To hear about the man behind the publications, was something truly special.Website: https://www.axiom.tech/YouTube: https://www.youtube.com/channel/UCaJagoDasNG3MqLqw2Af_ZQ Axiom's Linkedln: https://www.linkedin.com...
2024-11-281h 00Climbing Mount CMMC
Climbing Mount CMMCThe Connection Between NIST SP 800-53 and SP 800-171You can't have NIST SP 800-171 without the 800-53 that came before it. In today's episode, Bobby sat down with FedRAMP expert, Karen Stanford, to discuss the connection between the two publications and how you can use this to your advantage when preparing for an assessment. Many of the 800-171 controls can be traced back to 800-53 and it helps give more clarity to the requirements. We hope you enjoy today's episode!Karen's LinkedIn: (2) Karen Stanford | LinkedInWebsite: https://www.axiom.tech/YouTube: https://www.youtube.com/channel/UCaJagoDasNG3MqLqw2Af_ZQ A...
2024-11-2134 minClimbing Mount CMMC
Climbing Mount CMMCThe Purpose Behind SP 800-172 w/ Dr. Ron RossToday, Bobby and Kaleigh are joined by Dr. Ron Ross from NIST, an author of SP 800-172 and MUCH MORE. He shares the true purpose behind the document and what the new draft brings to the table. The draft was published on 11/13/24 and public comments are now being accepted until January of 2025.Website: https://www.axiom.tech/YouTube: https://www.youtube.com/channel/UCaJagoDasNG3MqLqw2Af_ZQ Axiom's Linkedln: https://www.linkedin.com/company/axiomtech/ Bobby's Linkedln: https://www.linkedin.com/in/bobbyguerra/ Kaleigh's Linkedln: https://www.linkedin.com/in...
2024-11-1428 minClimbing Mount CMMC
Climbing Mount CMMCThe Implementation of CMMC (4 Phase Rollout) w/ Vince ScottIn this podcast episode, Bobby Guerra, Kaleigh Floyd, and Vince Scott discuss the complexities of the Cybersecurity Maturity Model Certification (CMMC) and its phases. Vince shares his extensive background in cybersecurity, transitioning from offense to defense, and the challenges faced by small businesses in achieving compliance. The conversation delves into the realities of implementing CMMC standards, the importance of incident response, and the future implications of these regulations on businesses. They explore the phases of rollout, the importance of self-assessments, and the risks associated with not being certified. The discussion also highlights the capacity issues that may arise as...
2024-11-0748 minClimbing Mount CMMC
Climbing Mount CMMCHow the 32 CFR Rule Affects VendorsIn this conversation, Kaleigh Floyd, Bobby Guerra, and Adam Evans discuss the distinctions between Cloud Service Providers (CSPs) and other service providers (ESPs), the significance of Controlled Unclassified Information (CUI), and the importance of vendor assessments in the context of the 32 CFR rule. They delve into the necessary audits, risk management strategies, and the implications of security protection data versus security protection assets for contractors and subcontractors in the defense industry.They discuss the importance of selecting the right vendors for compliance, emphasizing the need for vendors to be prepared and knowledgeable. The conversation also highlights the...
2024-10-3135 minClimbing Mount CMMC
Climbing Mount CMMCLet's Talk About FedRAMP (What, Why and How?)Karen and Bobby dive into the complexities of cybersecurity audits, particularly focusing on the distinctions between CMMC and FedRAMP. They discuss operational challenges, the assessment processes, and the importance of recommendations in FedRAMP. The conversation also highlights misconceptions about FedRAMP, the implications of equivalency versus accreditation, and the future of cloud services in relation to these frameworks.Website: https://www.axiom.tech/YouTube: https://www.youtube.com/channel/UCaJagoDasNG3MqLqw2Af_ZQ Axiom's Linkedln: https://www.linkedin.com/company/axiomtech/ Bobby's Linkedln: https://www.linkedin.com/in/bobbyguerra/ Kaleigh's Linkedln...
2024-10-2451 minClimbing Mount CMMC
Climbing Mount CMMCAn MSP's Breakdown of 32 CFR (How does this affect MSPs?)Are you an MSP navigating CMMC? Are you a contractor looking for the right MSP for your climb to CMMC? This episode is going to decipher the 32 CFR final rule with those to perspectives front-of-mind.Bobby and Kaleigh discuss the assessment requirements of an ESP, what inheritance is, and how an MSP can prepare to help their clients in the DIB space.Website: https://www.axiom.tech/YouTube: https://www.youtube.com/channel/UCaJagoDasNG3MqLqw2Af_ZQ Axiom's Linkedln: https://www.linkedin.com/company/axiomtech/ Bobby's Linkedln: https://www.linkedin...
2024-10-2244 minClimbing Mount CMMC
Climbing Mount CMMCNavigating the 32 CFR Final Rule RegulationsIn this conversation, Bobby Guerra and Kaleigh Floyd discuss the recent release of the 32 CFR Final Rule and its implications for organizations. They explore the importance of self-assessments, the complexities involved, and the distinctions between different types of compliance measures such as enduring exceptions, operational plans, and temporary deficiencies. The conversation also delves into the differences between Cloud Service Providers (CSPs) and External Service Providers (ESPs), providing insights into how organizations can navigate these new regulations effectively. Kaleigh and Bobby discuss FedRAMP requirements, the importance of understanding inheritance in compliance frameworks, and the recent changes in certification r...
2024-10-1748 minClimbing Mount CMMC
Climbing Mount CMMCThe 32 CFR Final Rule is out NOW (Let's chat)32 CFR Final Rule!The time has come. We wanted to hop on a quick video, before Kaleigh hops on a plane, to talk about the 32 CFR FINAL RULE. We may or may not have recorded a 2 hour long podcast this week that we now have to cut…but we are back and ready to review the Final Rule.Phase extensions, SPD definitions, ESP requirements and more!Read it Here: https://public-inspection.federalregister.gov/2024-22905.pdfWebsite: https://www.axiom.tech/YouTube: https://www.youtube.com/channel/UCaJagoDasNG3MqLqw2Af_ZQ...
2024-10-1117 minClimbing Mount CMMC
Climbing Mount CMMCLet's Get Real About Resources (What you need on your CMMC Climb)Hello Climbers, let's get real about the resources needed on your climb of CMMC. Bobby and Adam discuss the people, tools, and more that it takes to accomplish CMMC Level 2 compliance.They explore the importance of having knowledgeable personnel, the role of Managed Service Providers (MSPs) and consultants, the challenges in finding certified MSPs, and the technology resources required for compliance. The discussion emphasizes the significance of scoping, data flow, and security considerations, as well as the preparation needed for assessments and audits.Website: https://www.axiom.tech/YouTube: https://www.youtube.com/channel/UCaJagoDasNG3MqLqw2...
2024-10-1044 minClimbing Mount CMMC
Climbing Mount CMMCRaising Boats and Empowering New Voices in Cybersecurity with Jason SproesserIn this engaging conversation, Jason Sproesser shares his journey into the CMMC space and the evolution of the Sum IT Up podcast. The discussion highlights the importance of community, vulnerability, and authenticity in the cybersecurity field, as well as the challenges faced by MSPs. Jason emphasizes the need for collaboration and the value of sharing experiences to help others navigate the complexities of cybersecurity compliance. Website: https://www.axiom.tech/YouTube: https://www.youtube.com/channel/UCaJagoDasNG3MqLqw2Af_ZQ Axiom's Linkedln: https://www.linkedin.com/company/axiomtech/ Bobby's Linkedln: https://www.l...
2024-10-0345 minClimbing Mount CMMC
Climbing Mount CMMCThe Country Song of CMMC (What 32 CFR Did to Us)In this podcast episode, Bobby Guerra and Kaleigh Floyd discuss the challenges and implications of the CMMC (Cybersecurity Maturity Model Certification) ruling. They highlight the impact of the 32 CFR (Code of Federal Regulations) on organizations and vendors who need to meet the level two requirements. They emphasize that many companies were not intentionally misleading or non-compliant, but rather were caught off guard by the new ruling. The conversation explores the emotional and financial toll this has taken on businesses and offers recommendations for those navigating the CMMC process.Website: https://www.axiom.tech/YouTube: https://www...
2024-09-2623 minClimbing Mount CMMC
Climbing Mount CMMC5 Things We Learned from Our Gap AssessmentFresh off the press! Bobby and Adam just completed a gap assessment done by a C3PAO and they want to share what they've learned with all of you. Here are the top 5 things that made their assessment so difficult. We hope you enjoy.Website: https://www.axiom.tech/YouTube: https://www.youtube.com/channel/UCaJagoDasNG3MqLqw2Af_ZQ Axiom's Linkedln: https://www.linkedin.com/company/axiomtech/ Bobby's Linkedln: https://www.linkedin.com/in/bobbyguerra/ Kaleigh's Linkedln: https://www.linkedin.com/in/kaleigh-floyd-079a52190/
2024-09-1938 minClimbing Mount CMMC
Climbing Mount CMMCEmergency Episode Drop (32 CFR Review Status)Emergency Podcast Episode 🚨 The 32 CFR Final Rule COMPLETED THE REVIEW PROCESS and things are heating up. We couldn't help but hop on the podcast and share this news and what it means for organizations and MSPs in the community.Website: https://www.axiom.tech/YouTube: https://www.youtube.com/channel/UCaJagoDasNG3MqLqw2Af_ZQ Axiom's Linkedln: https://www.linkedin.com/company/axiomtech/ Bobby's Linkedln: https://www.linkedin.com/in/bobbyguerra/ Kaleigh's Linkedln: https://www.linkedin.com/in/kaleigh-floyd-079a52190/
2024-09-1637 minClimbing Mount CMMC
Climbing Mount CMMCOur Journey to CMMC ComplianceLet's get personal. Axiom has been on this CMMC journey for about 3 years now and we'd love to share our experience as an MSP and small business in the industry. In this episode, Bobby and Adam share how they got into this space and their fears and challenges going in. Bobby started Axiom over 20 years ago and the transition to a Level 2 Certified MSP has been challenging to say the least. They also share where they're at now and how they are supporting clients.Website: https://www.axiom.tech/YouTube: https://www.youtube.com/channel/UCaJagoDasNG3...
2024-09-1231 minClimbing Mount CMMC
Climbing Mount CMMCWhat's On the CMMC Menu? (4 Different Approaches to CMMC)Let's talk about the CMMC Menu items. There are multiple ways that a business can tackle CMMC and we wanted to share with you 4 popular ways. In no way are we claiming these to be the only ways, but we do feel like these are the top four ways we've seen companies climb the mountain. Comment below if you have any questions or ideas on another way to climb. We'd love to hear!Website: https://www.axiom.tech/YouTube: https://www.youtube.com/channel/UCaJagoDasNG3MqLqw2Af_ZQ Axiom's Linkedln: h...
2024-09-0537 minClimbing Mount CMMC
Climbing Mount CMMCNavigating the Complex Landscape of CMMC Compliance w/Jacob Hill(Season Two Episode 15) Bobby Guerra is joined by Jacob Hill, VP of cybersecurity at Alamo City Engineering Services and founder of GRC Academy. Jacob discusses the importance of education and training in the defense contractor industry. He shares his experience in implementing CMMC compliance and the challenges he faced in finding comprehensive education resources. Jacob explains the focus of his GRC Academy courses, including an overview course for practitioners and an awareness course for executives. He emphasizes the need for defense contractors to understand the requirements and implications of CMMC and advises against blindly following consultants without educating oneself.
2024-08-2931 minClimbing Mount CMMC
Climbing Mount CMMCSoftware Development in the CMMC Ecosystem w/Kyle LaiIn this conversation, Bobby is joined by Kyle Lai, President and Chief Information Security Officer at KL3. They discuss the challenges and considerations of CMMC compliance for organizations involved in software development. Kyle emphasizes the importance of selecting a C3PAO (CMMC Third-Party Assessor Organization) that understands the unique requirements of software development and can assess the organization effectively. Bobby and Kyle also highlight the need for scoping the software development process, identifying security protection assets, and defining the division of duties between IT and development teams. Kyle advises organizations to have a solid plan in place for managing...
2024-08-2242 minClimbing Mount CMMC
Climbing Mount CMMCLet's Get Real About Cost of CMMC(Season Two Episode 13) In this episode, Bobby and Kaleigh discuss the Cost in their Let's Get Real Miniseries. They breakdown the cost into three categories: Scoping & Design, Implementation, and Maintenance. They are honest about their personal journey and costs of their CMMC track. Bobby explores Option A, which involves hiring and training internal staff, and Option B, which involves outsourcing to an external organization. They emphasize the importance of having a point of contact within the organization to work with the consultant and ensure the desired outcomes are achieved. Website: https://www.axiom.tech/YouTube: https://w...
2024-08-1534 minClimbing Mount CMMC
Climbing Mount CMMCAre You Ready for A CMMC Assessment? w/Adam EvansIn this conversation, Bobby and Adam discuss the importance of being ready for an assessment and share their experiences with self-assessment. They highlight the need to have solid evidence and be able to demonstrate compliance with the controls and assessment objectives. They also emphasize the interconnectedness of controls and the importance of having evidence that covers multiple controls. They introduce a template they use for self-assessment and explain how it helps them track their progress and identify areas that need more focus. Overall, the conversation provides valuable insights and tips for organizations preparing for assessments.Website: https...
2024-08-0837 minClimbing Mount CMMC
Climbing Mount CMMC5 Questions to Ask Your MSP to Gauge Their CMMC ReadinessIf you're planning to get certified in the next two years and work with an MSP, you should ask them these questions. If you're an MSP/ESP providing services to companies aiming for certification, you should be prepared to answer these questions. It takes a company eight months to a year to become CMMC ready.Through this pointed and hard-hitting podcast episode, we aim to educate and challenge us all. Being an MSP helping clients on their CMMC path is serious business and a huge responsibility. This can't be solved with products or white labeling; it requires...
2024-08-0122 minClimbing Mount CMMC
Climbing Mount CMMCThings You Should Prepare for BEFORE Your Assessment w/Amira Armond(Season 2 Episode 10) Bobby Guerra and Amira Armond discuss various cybersecurity challenges and solutions. They emphasize the need for strong physical defenses, proper training, and encryption when dealing with external media. They also highlight the importance of securing contractor-managed assets and implementing security measures across the entire network. It is critical for organizations to have a clear understanding of their entire network and the assets within it, even if they are not considered CUI assets. Lastly, Bobby and Amira have a discussion on the reporting requirements for cyber incidents in the defense contracting industry.Website: https://w...
2024-07-2538 minClimbing Mount CMMC
Climbing Mount CMMCLet's Get Real (Miniseries)(Season 2 Episode 9) Alright Climbers, let's get real. We are ready to share our truth and honest opinions of our CMMC journey. Bobby and Kaleigh will be specifically breaking down the cost, resource, impact, and time. If you're interest in our journey and the things that we've learned along the way, make sure to tune in to this miniseriesWebsite: https://www.axiom.tech/YouTube: https://www.youtube.com/channel/UCaJagoDasNG3MqLqw2Af_ZQ Axiom's Linkedln: https://www.linkedin.com/company/axiomtech/ Bobby's Linkedln: https://www.linkedin.com/in/bobbyguerra/ Kaleigh's...
2024-07-1823 minClimbing Mount CMMC
Climbing Mount CMMCThe Importance of Education and Gap Assessments in the CMMC Space w/Koren Wise(Season 2 Episode 8) Koren Marie Wise, CEO of Wise Technical Innovations, and Bobby Guerra emphasize the importance of having a skilled and knowledgeable team, conducting thorough gap assessments, and understanding the flow of Controlled Unclassified Information (CUI). Koren also highlights the need for proper scoping, accurate network diagrams, and the right skill sets to ensure compliance with the NIST 800-171 framework. In this conversation, they discuss the challenges and considerations for Managed Service Providers (MSPs) in the context of the Cybersecurity Maturity Model Certification (CMMC). They emphasize the importance of engaging with experienced and knowledgeable MSPs who understand the requirements...
2024-07-1159 minClimbing Mount CMMC
Climbing Mount CMMCCan MSPs Participate in Joint Surveillance Assessments?In this conversation, Bobby Guerra, Adam Evans and Brian Hubbard discuss the challenges faced by MSPs in meeting compliance requirements, particularly in relation to the CMMC. They explore the concept of Joint Surveillance Voluntary Assessments (JSVAs) and the benefits they offer in terms of getting a jumpstart on certification. They also discuss the importance of MSPs staying engaged with the Defense Industrial Base (DIB) and the need for clarity and guidance from the DOD on various aspects of compliance. The conversation highlights the critical role of MSPs in supporting the DIB and the potential consequences of not having enough...
2024-07-0434 minClimbing Mount CMMC
Climbing Mount CMMCLet's Talk About Scoping w/Amira ArmondIn today's episode, Bobby is joined by Amira Armond, President of Kieri Solutions. They discuss scoping in the CMMC landscape and the things that can help or hinder your journey. Amira breaks down the difference between in scope and out of scope, is your work email able to be on a personal device, and more. We hope you enjoy today's episode!Website: https://www.axiom.tech/YouTube: https://www.youtube.com/channel/UCaJagoDasNG3MqLqw2Af_ZQ Axiom's Linkedln: https://www.linkedin.com/company/axiomtech/ Bobby's Linkedln: https://www.linkedin.com/in/bobbyguerra/
2024-06-2744 minClimbing Mount CMMC
Climbing Mount CMMCThe Alphabet Soup of CMMCIf you are on your CMMC journey, like us, you've noticed the MANY acronyms that come with the landscape. We are here to breakdown the different acronyms and how they connect to each other. We hope that you enjoy todays podcast!Website: https://www.axiom.tech/YouTube: https://www.youtube.com/channel/UCaJagoDasNG3MqLqw2Af_ZQ Axiom's Linkedln: https://www.linkedin.com/company/axiomtech/ Bobby's Linkedln: https://www.linkedin.com/in/bobbyguerra/ Kaleigh's Linkedln: https://www.linkedin.com/in/kaleigh-floyd-079a52190/
2024-06-2035 minClimbing Mount CMMC
Climbing Mount CMMCHow Compliance Effects the MSP Industry w/Joy Beland, Stuart Itkin, and George Perezdiaz(Season Two Episode 4) Bobby is joined by Joy Beland, Stuart Itkin, and George Perezdiaz to discuss the changes happening in the MSP industry, due to these new compliance regulations and frameworks. Is it for the better? How can we prepare our businesses for this change?Website: https://www.axiom.tech/YouTube: https://www.youtube.com/channel/UCaJagoDasNG3MqLqw2Af_ZQ Axiom's Linkedln: https://www.linkedin.com/company/axiomtech/ Bobby's Linkedln: https://www.linkedin.com/in/bobbyguerra/ Kaleigh's Linkedln: https://www.linkedin.com/in/kaleigh-floyd-079a52190/
2024-06-1352 minClimbing Mount CMMC
Climbing Mount CMMCThe Importance of Education in the CMMC Ecosystem w/Matt Hoeper(Season Two Episode 3) Bobby is joined by Matt Hoeper, from Edwards Performance Solutions, to discuss the educational piece of the CMMC world. They discuss the CCP and CCA courses and how to prepare for testing.He highlights the role of certifications like CCP (Certified CMMC Professional) and the knowledge of IT and NIST standards in preparing for CMMC assessments. Matt emphasizes the need for consultants and assessors to have a deep understanding of the CMMC requirements to ensure successful assessments and contract wins. He also recommends following industry experts on LinkedIn for valuable insights and staying updated on...
2024-06-0633 minClimbing Mount CMMC
Climbing Mount CMMCWhat You Should Know and Look for in A GRC Tool w/Mark Berman(Season Two Episode 2) Bobby is joined by Mark Berman, CEO of FutureFeed.co, to discuss his connection to Cyber AB and why GRC tool are so important to your security and compliance journey. We hope you enjoy today's episode and make sure to comment any questions you may have.The conversation also touches on the concept of security protection data (SPD) and the challenges it poses for GRC tools. The need for clarity and regulation in handling SPD is highlighted, along with the importance of choosing a GRC tool that prioritizes data security.Website: https...
2024-05-3048 minClimbing Mount CMMC
Climbing Mount CMMCNavigating Cybersecurity Requirements in Government Contracts w/Brian Hubbard and Shel Phillips(Season Two Episode 1) Bobby sits down with Shel Phillips and Brian Hubbard to discuss an RFP and how to read and break it down. During a CMMC journey, many will come across RFPs, and it is critical to know and understand how to read and review them properly.They emphasize the importance of MSPs/MSSPs and organizations working together to ensure compliance and avoid potential risks. In this conversation, Brian Hubbard and Shel Philips discuss the importance of understanding and complying with cybersecurity requirements in government contracts. They explore topics such as the Federal Acquisition Regulation (FAR...
2024-05-2342 minClimbing Mount CMMC
Climbing Mount CMMCSeason One Finale -Our Favorite Moments(Season One Episode 22) Well, here we are at the Final Episode of this season. We can't thank all of you enough for joining us on this journey of CMMC. This season was better than we could have ever imagined. The guests were wonderful and we're grateful they took the time to share their thoughts and perspectives on some hard-hitting topics. Season Two will start on May 24th with ALL NEW CONTENT! We're thrilled to share these episodes with you. Until then, keep on climbing!Our Guests for Season One:Brian HubbardJoy Beland
2024-04-1832 minClimbing Mount CMMC
Climbing Mount CMMCQuestions to Ask When Hiring A CMMC Consultant(Season One Episode 21) Are you considering hiring a consultant or MSP to help you along your CMMC journey? There are things you should know and questions you should ask BEFORE starting your climb. Bobby Guerra and Joe Scholefield talk about the questions businesses should ask themselves and their potential consultants that will make the journey a bit easier. We hope that you enjoy our last guest podcast of Season One! Website: https://www.axiom.tech/YouTube: https://www.youtube.com/channel/UCaJagoDasNG3MqLqw2Af_ZQ Axiom's Linkedln: https://www.linkedin.com/company/axiomtech/
2024-04-1121 minClimbing Mount CMMC
Climbing Mount CMMCWhat MSPs Need to Know About FedRAMP(Season One Episode 20) We've talked about the connection between CMMC and FedRAMP, now it's time to discuss what MSPs need to know about FedRAMP, while on their journey of CMMC. Bobby is joined by Karen Stanford to discuss this topic. With Karen's expertise on FedRAMP, she expresses her recommendations for the MSP community, when climbing the hill of CMMC.Website: https://www.axiom.tech/YouTube: https://www.youtube.com/channel/UCaJagoDasNG3MqLqw2Af_ZQ Axiom's Linkedln: https://www.linkedin.com/company/axiomtech/ Bobby's Linkedln: https://www.linkedin.com/in/bobbyguerra/ ...
2024-04-0543 minClimbing Mount CMMC
Climbing Mount CMMCWhat is Security Protection Data and Assets?(Season One Episode 19) We are joined by Karen Stanford to discuss the controversy of defining Security Protection Data. This is an honesty-based episode, and we don't hold back. Let's dive in!As a seasoned cybersecurity professional with over 20 years of experience, Karen has a proven track record of delivering high-quality consulting services to both commercial and federal clients, especially in the field of cloud computing. Karen is the President and Founder of Archstone Security, LLC, a company that she launched in 2022, to help organizations achieve and maintain compliance with the most stringent standards, such as FedRAMP, FISMA...
2024-03-2829 minClimbing Mount CMMC
Climbing Mount CMMCThe MSP Cybersecurity Exchange (MSPCyberX)(Season One Episode 18) If you're an MSP looking for a community to grow with, you're in the right place! Today, Kaleigh sits down with Brian Hubbard to discuss his new entitative, MSP Cybersecurity Exchange. We are going to talk about their mission and vision behind MSPCyberX and what made Brian start it in the first place.Learn More: www.mspcyberx.comBrian Hubbard is the President of Evolved Cyber Solutions, bringing over 40 years of cybersecurity experience to the table. Specializing in developing cost-effective cybersecurity programs for small to medium-sized businesses, Brian is a Certified CMMC...
2024-03-2123 minClimbing Mount CMMC
Climbing Mount CMMCWhat is CMMC?(Season 1 Epsiode 17) In this episode, Kaleigh and Adam discuss the beginning of CMMC and what it is exactly. If you're starting to see this acronym a lot and don't know where to start, this is the perfect video for you.Website: https://www.axiom.tech/YouTube: https://www.youtube.com/channel/UCaJagoDasNG3MqLqw2Af_ZQ Axiom's Linkedln: https://www.linkedin.com/company/axiomtech/ Bobby's Linkedln: https://www.linkedin.com/in/bobbyguerra/ Kaleigh's Linkedln: https://www.linkedin.com/in/kaleigh-floyd-079a52190/
2024-03-1533 minClimbing Mount CMMC
Climbing Mount CMMCIs MSP a Four-Letter Word with CMMC?Bobby and Adam discus what CMMC means for the average MSP. It's going to hit a point in every MSPs journey where they have to decide to either take on the CMMC mountain or go the other way. They discuss where their company, Axiom, is in their journey of CMMC and where they want to be next year. They also discuss the pros and cons with taking on the climb.References: The Fascinating History of CMMC (2010 - 2020) as Told by Jacob Horne (youtube.com)Website: https://www.axiom.tech/YouTube: https://www.youtube.com...
2024-03-0739 minClimbing Mount CMMC
Climbing Mount CMMCCommon Mistakes MSPs Make When Tackling CMMC (Part Two)(Season 1 Episode 15) Bobby Guerra and Adam Evans discuss some of the most common mistake MSPs make while on the journey of CMMC. They know many of these mistakes because they made them themselves. Their goal is to educate others so that their journey may be bit easier than their own. This is part two of a two-part episode.Website: https://www.axiom.tech/YouTube: https://www.youtube.com/channel/UCaJagoDasNG3MqLqw2Af_ZQ Axiom's Linkedln: https://www.linkedin.com/company/axiomtech/ Bobby's Linkedln: https://www.linkedin.com/in/bobbyguerra/ Kaleigh's...
2024-02-2326 minClimbing Mount CMMC
Climbing Mount CMMCCommon Mistakes MSPs Make When Tackling CMMC (Part One)(Season 1 Episode 14) Bobby Guerra and Adam Evans discuss some of the most common mistake MSPs make while on the journey of CMMC. They know many of these mistakes because they made them themselves. Their goal is to educate others so that their journey may be bit easier than their own. This is part one of a two part episode.Website: https://www.axiom.tech/YouTube: https://www.youtube.com/channel/UCaJagoDasNG3MqLqw2Af_ZQ Axiom's Linkedln: https://www.linkedin.com/company/axiomtech/ Bobby's Linkedln: https://www.linkedin.com/in/bobbyguerra/ ...
2024-02-1625 minClimbing Mount CMMC
Climbing Mount CMMCThe Fears Vendors Have With CMMC(Season 1 Episode 13) In tis episode, Bobby and Adam talk with Wes Spencer about the fears and concerns vendors have when dealing with CMMC. There are many unknowns and there are also many things being said. What do you believe? Which path do you follow? The key word that Bobby wants to highlight is TRANSPARENCY.Website: https://www.axiom.tech/YouTube: https://www.youtube.com/channel/UCaJagoDasNG3MqLqw2Af_ZQ Axiom's Linkedln: https://www.linkedin.com/company/axiomtech/ Bobby's Linkedln: https://www.linkedin.com/in/bobbyguerra/ Kaleigh's Linkedln: https://www.linkedin...
2024-02-0848 minClimbing Mount CMMC
Climbing Mount CMMCThe Connection Between FedRAMP and CMMC(Season 1 Episode 12) In today's episode, Bobby talks with Karen Stanford about the connection between the FedRAMP space and CMMC. Karen gives insight to what MSPs should be prepared for and how they can best prepare their clients. *This episode was recorded before the latest CMMC ruling.*Website: https://www.axiom.tech/YouTube: https://www.youtube.com/channel/UCaJagoDasNG3MqLqw2Af_ZQ Axiom's Linkedln: https://www.linkedin.com/company/axiomtech/ Bobby's Linkedln: https://www.linkedin.com/in/bobbyguerra/ Kaleigh's Linkedln: https://www.linkedin.com/in/kaleigh-floyd-079a52190/
2024-02-0226 minClimbing Mount CMMC
Climbing Mount CMMCTop 10 Things MSPs Should Be Doing (Part Two)(Season 1 Episode 11) And the journey continues! Bobby talks to Matt Lee (CISSP, CCSP, CFR, PNPT) about the last 5 of their top 10 things MSPs should be doing list. No filter required for this real talk about the do's and don'ts of the MSP and cybersecurity world.Website: https://www.axiom.tech/YouTube: https://www.youtube.com/channel/UCaJagoDasNG3MqLqw2Af_ZQ Axiom's Linkedln: https://www.linkedin.com/company/axiomtech/ Bobby's Linkedln: https://www.linkedin.com/in/bobbyguerra/ Kaleigh's Linkedln: https://www.linkedin.com/in/kaleigh-floyd-079a52190/
2024-01-2538 minClimbing Mount CMMC
Climbing Mount CMMCTop 10 Things MSPs Should Be Doing (Part One)(Season 1 Episode 10) Bobby talks to Matt Lee (CISSP, CCSP, CFR, PNPT) about the top 10 things MSPs should be doing right now. No filter required for this real talk about the do's and don'ts of the MSP and cybersecurity world.Website: https://www.axiom.tech/YouTube: https://www.youtube.com/channel/UCaJagoDasNG3MqLqw2Af_ZQ Axiom's Linkedln: https://www.linkedin.com/company/axiomtech/ Bobby's Linkedln: https://www.linkedin.com/in/bobbyguerra/ Kaleigh's Linkedln: https://www.linkedin.com/in/kaleigh-floyd-079a52190/
2024-01-1838 minClimbing Mount CMMC
Climbing Mount CMMCThe Connection Between CIS and CMMC(Season 1 Episode 9) Bobby talks with Shel Philips(PMP RP) about how you can't have security without compliance, CIS, the NIST framework, and more.Website: https://www.axiom.tech/YouTube: https://www.youtube.com/channel/UCaJagoDasNG3MqLqw2Af_ZQ Axiom's Linkedln: https://www.linkedin.com/company/axiomtech/ Bobby's Linkedln: https://www.linkedin.com/in/bobbyguerra/ Kaleigh's Linkedln: https://www.linkedin.com/in/kaleigh-floyd-079a52190/
2024-01-1140 minClimbing Mount CMMC
Climbing Mount CMMCThe CMMC Ruling and What It Means For MSPs(S1E8) In today's podcast episode, we're joined by Amira Armond and Brian Hubbard as we delve into the impact of the new CMMC Proposed Ruling on how it effects MSPs. How does this ruling influence the tools available to MSPs because of Security Protection Data requirements? Where do MSPs stand in the phased rollout of the CMMC program? And, importantly, how can MSPs avoid the necessity of being level two certified?We didn’t hold back; we asked the tough questions, and Amira and Brian shared their insightful perspectives on these critical topics and more....
2024-01-0459 minClimbing Mount CMMC
Climbing Mount CMMCWhy Businesses Should Have Cyber Insurance(S1E7) Bobby talks to Will Brooks from FifthWall Solutions about cyber insurance and why it is important for all businesses. Cyber security is not a part-time job and, in this episode, we discuss why.Learn More: https://fifthwallsolutions.com/Follow Will: https://www.linkedin.com/in/wi1bo/Website: https://www.axiom.tech/YouTube: https://www.youtube.com/channel/UCaJagoDasNG3MqLqw2Af_ZQ Axiom's Linkedln: https://www.linkedin.com/company/axiomtech/ Bobby's Linkedln: https://www.linkedin.com/in/bobbyguerra/ Kaleigh's Linkedln: https://www.linkedin.com/in...
2023-12-2829 minClimbing Mount CMMC
Climbing Mount CMMCShould I Use a CMMC Template?(S1E6) In this episode, Bobby talks with Amira Armond(CCA) about CMMC templates. When you're looking for a CMMC Template, what information should you know before purchasing? No CMMC templates are created equal.Learn more about: https://www.kieri.com/Follow: https://www.linkedin.com/in/amira-armond/Website: https://www.axiom.tech/YouTube: https://www.youtube.com/channel/UCaJagoDasNG3MqLqw2Af_ZQ Axiom's Linkedln: https://www.linkedin.com/company/axiomtech/ Bobby's Linkedln: https://www.linkedin.com/in/bobbyguerra/ ...
2023-12-1439 minClimbing Mount CMMC
Climbing Mount CMMCHow Much Has CMMC Cost Us?(S1E5) In this episode, we breakdown the REAL cost of CMMC for us as a company. This consists of TRUE numbers and TRUE talk. This is us being transparent with all of you about what it has cost us as well as what we're projected to spend for the coming year.Our website: https://www.axiom.tech Website: https://www.axiom.tech/YouTube: https://www.youtube.com/channel/UCaJagoDasNG3MqLqw2Af_ZQ Axiom's Linkedln: https://www.linkedin.com/company/axiomtech/ Bobby's Linkedln: https://www.linkedin.com/in/bobbyguerra/
2023-12-0719 minClimbing Mount CMMC
Climbing Mount CMMCPreparing for our Level 2 CMMC Assessment(Season 1 Episode 4) We are thrilled to have Adam Evans joining our Axiom team! In this episode, Bobby and Adam discuss the challenges they're facing while preparing for their Level 2 assessment.Website: https://www.axiom.tech/YouTube: https://www.youtube.com/channel/UCaJagoDasNG3MqLqw2Af_ZQ Axiom's Linkedln: https://www.linkedin.com/company/axiomtech/ Bobby's Linkedln: https://www.linkedin.com/in/bobbyguerra/ Kaleigh's Linkedln: https://www.linkedin.com/in/kaleigh-floyd-079a52190/
2023-12-0130 minClimbing Mount CMMC
Climbing Mount CMMCMSPs for the Protection of Critical Infrastructure w/Joy Beland(S1E3) In this episode, Bobby and Joy Beland (CCA) shed light on the MSPs for the Protection of Critical Infrastructure initiative. They explore the collective's objectives and what MSPs/MSSPs can anticipate upon joining. Emphasizing the importance of building a secure, compliant, and resilient infrastructure, this discussion provides valuable insights for industry professionals. Our website: https://www.axiom.tech Learn more about: https://www.mspcollective.org/ Follow: https://www.linkedin.com/in/joy-belinda-beland/ Website: https://www.axiom.tech/YouTube: https://www.youtube.com/channel/UCaJagoDasNG3MqLqw2Af_Z...
2023-11-3040 minClimbing Mount CMMC
Climbing Mount CMMCHow to Prepare for a CMMC Assessment w/Brian Hubbard(S1E2) In this episode, Bobby Guerra tackles the essentials of preparing for a CMMC Assessment. He sits down with a Certified CMMC Assessor, Brian Hubbard, to delve into the key elements assessed during the process. Emphasizing the significance of both business and MSP compliance, this discussion offers crucial insights for navigating CMMC assessments. Our website: https://www.axiom.tech Learn more about: https://evolvedcyber.com/ Website: https://www.axiom.tech/YouTube: https://www.youtube.com/channel/UCaJagoDasNG3MqLqw2Af_ZQ Axiom's Linkedln: https://www.linkedin.com/company/axiomtech/ B...
2023-11-2321 minClimbing Mount CMMC
Climbing Mount CMMCThe Mission and Vision Behind Our PodcastWelcome to the first episode of Climbing Mount CMMC. In this podcast, we lay out the foundation and the vision for this podcast. We hope that us documenting our journey will help others following this trail in the future. Thank you for joining our community as we climb the mountain known as CMMC. Website: https://www.axiom.tech/YouTube: https://www.youtube.com/channel/UCaJagoDasNG3MqLqw2Af_ZQ Axiom's Linkedln: https://www.linkedin.com/company/axiomtech/ Bobby's Linkedln: https://www.linkedin.com/in/bobbyguerra/ Kaleigh's Linkedln: https://www.linkedin.com/i...
2023-11-1613 minClimbing Mount CMMC
Climbing Mount CMMCClimbing Mount CMMC - The TrailerWelcome to the Climbing Mount CMMC podcast. Join us as we climb the mountain of CMMC. Whether your an MSP or a company working with an MSP, you can benefit from this podcast. We are also excited to announce that we will have guests on our podcast who are professional in their fields. These guests include Brian Hubbard, Joy Beland, Amira Armond and many more.Website: https://www.axiom.tech/YouTube: https://www.youtube.com/channel/UCaJagoDasNG3MqLqw2Af_ZQ Axiom's Linkedln: https://www.linkedin.com/company/axiomtech/ Bobby's Linkedln: https://www...
2023-11-1402 min