Shows
CMMC News by Jun CyberISO 27001 Certification GuideSend us a textIn this episode, we break down everything you need to know about ISO 27001 certification, the international gold standard for information security management. Whether you're just starting your compliance journey or looking to deepen your understanding of the certification process, this comprehensive guide has you covered. We'll explore: What ISO 27001 is and why it mattersThe benefits of certification, from enhanced security to competitive advantageA step-by-step walkthrough of the ISO 27001 certification processKey differences between internal and external auditsTips for preparing your organization for a successful auditTraining options for individuals looking to...2025-05-1415 min
Wilson County NewsPOTH HONOR ROLLSFifth six weeks Sixth grade All A’s: Aubrey Bailey, Emilee Brown, Case Cooke, Landri Helmke, Tynely Kotara, Logan Kotzur, McKenzie Moy, Connor Pruski, Brody Reed, Anthony Sanchez, Corbin Smolka, Trace Tackitt, Jason Tellez, Joseph Ulrich. A/B: Teagan Arruda, Dreadyn Bautista, Libby Bourne, Breelee Buehring, Faith Canseco, Blaise Cooke, Kenzi Dziuk, Teigan Felux, Brylee Garcia, Turner Garcia, Valerie Gaytan, Korbyn Green, Brody Heerwald, Brandyn Hernandez, Diesel Jansky, Daisy Johnson, Jase Kline, Conner Korb, Sophia Kurz, Liv Labus, Aiden MacFarland, Connley Martin, Aiden McGirr, Presleigh Ortmann, Emerson Posey, Katherine Pruski, Brayden Robles, Samyra Rocha, Sammie Salas, Cheyenne Urbanczyk, Jayci We...2025-05-1303 minCMMC News by Jun CyberNavigating New DOD ODP Mandates in NIST SP 800-171 Revision 3Send us a text🚨 Working with the Department of Defense or handling Controlled Unclassified Information (CUI)? Here’s what you need to know about the DOD’s new approach to NIST SP 800-171 Revision 3 ODP values.Just listened to the latest episode of CMMC News, where the hosts did a deep dive into the recent DOD memo standardizing “Organization Defined Parameters” (ODPs) for protecting CUI. If you’re a defense contractor—or work in the DIB—these aren’t just guidelines, they are your new minimums.🔑 3 Key Takeaways:No More Guesswork: Th...2025-05-0525 minCMMC News by Jun CyberThe Essentials of Cyber Incident Reporting for Defense ContractorsSend us a textHello LinkedIn community! 🌐 As we delve deeper into the cybersecurity requirements for Department of Defense (DOD) contracts, understanding DFARS Clause 252.204-7012 is crucial. It outlines safeguarding covered defense information (CDI) and protocols for cyber incident reporting. Here are three key takeaways for businesses and contractors engaging with the DOD:Understanding CDI: It’s essential to recognize what constitutes covered defense information. CDI includes sensitive technical data, like military blueprints and designs, and any information listed in the controlled unclassified information (CUI) registry. Whether provided by the DOD or generated during contr...2025-03-2622 minCMMC News by Jun CyberSPRS and You: Managing DOD Cybersecurity ExpectationsSend us a textWe just dived deep into the Department of Defense's NIST SP 800-171 assessment requirements. This is crucial for any contractor involved with DoD contracts, especially when it comes to cybersecurity. Here are three key takeaways:Assessment Frequency: If you're implementing NIST SP 800-171, make sure you have a recent assessment conducted within the last three years for every covered information system tied to DoD contracts.Assessment Levels: There are three types of DoD assessments - Basic, Medium, and High. Understanding which level applies to you and how to...2025-03-2611 minCMMC News by Jun CyberNavigating DFARS Clause and Cybersecurity Assessments for DOD ContractsSend us a text🔍 Want to stay ahead in the world of government contracts and cybersecurity? Dive into our latest CMMC News episode where we explore the NIST SP 800-171 DoD Assessment Requirements. It's all about breaking through the wall of acronyms and jargon to ensure you know exactly what the Department of Defense expects when it comes to protecting sensitive information.Here are 3 key takeaways:Understand Assessment Levels: We break down the three types of cybersecurity assessments — Basic, Medium, and High — and what each level of confidence means for your contract require...2025-03-2616 minCMMC News by Jun CyberUnderstanding How ESPs Fit into Your CMMC Assessment PuzzleSend us a text🌟 Just listened to another insightful episode of the CMMC News podcast, where the hosts take a deep dive into the complexities of CMMC, focusing on ESPs, SPAs, and VDIs. Here's what stood out to me:🔍 Key Takeaways:Scoping ESPs in CMMC: The involvement of External Service Providers in the CMMC assessment depends largely on their interaction with Controlled Unclassified Information (CUI) and whether they are a Cloud Service Provider. Non-cloud ESPs processing CUI make the whole service part of your CMMC scope.VDI Configurations Simplifying Scope...2025-03-1730 minCMMC News by Jun CyberSecure Your Defense Contracts: Navigating CMMC Levels with NIST PublicationsSend us a text🚀 Exciting Insights from Our Latest Deep Dive on the CMMC News Podcast! 🎧In our newest episode, we unpack the intricacies of the Cybersecurity Maturity Model Certification (CMMC) and its alignment with NIST standards, essential for those engaged with Department of Defense contracts. Dive into the details with us as we explore practical implications and strategic alignments.🔹 Key Takeaways:CMMC Levels Explained: Understand how the different levels of CMMC build upon each other, starting from the foundational Level 1 to the more advanced Level 3 that incorporates elements...2025-03-1713 minCMMC News by Jun CyberBreaking Down CMMC ESPs and Inherited Controls: What DOD Contractors Need to KnowSend us a text🚀 New Episode Alert: Navigating CMMC Compliance with ESPs and Inherited Controls 🚀In our latest episode of CMMC News, we dive deep into the complexities of CMMC compliance and how to effectively manage the relationship with your External Service Providers (ESPs). This episode is packed with insights that are crucial for any DOD contractor aiming to unravel the intricacies of inheriting security controls while maintaining full compliance responsibility. Here's a sneak peek at three key takeaways:🔹 Own Your Responsibility: Just because your ESP is CMMC certified doesn’t mean you’re...2025-03-1716 min
Language Goes To SchoolPhilippe Bérard: Navigating the Language Triangle in ArgentinaHumans have been multilingual for millennia. So have the various forms of education in which they’ve engaged. Modern trends toward bi- and multilingual education may seem new to some, but are actually a part of a much longer historical arc. Case in point: English-Spanish education at the Westminster-Juan Bautista Alberdi School in Buenos Aires, in which half of the academic subjects were taught in English and half in Spanish. It was this program that Philippe Bérard attended in elementary and middle school years in the 1960s and 1970s. But wait—there’s more! Philippe’s father was second-ge...2025-03-0146 minCMMC News by Jun CyberChoosing a CMMC Consultant: Certification, Experience, and FitSend us a textIn this episode of CMMC News, host Wilson Bautista Jr. breaks down the crucial factors to consider when choosing a CMMC consultant. He outlines five essential criteria: ensuring proper CMMC certification, verifying real audit experience, evaluating communication skills, determining consultation needs (assessment vs. implementation), and assessing cultural fit with your organization. Whether you're starting your CMMC journey or preparing for an audit, this episode provides valuable insights to help you avoid costly mistakes and find the right consultant to guide your compliance efforts. Learn how to identify red flags, verify credentials, and make...2025-01-3110 minCMMC News by Jun CyberNavigating CMMC Compliance: Selecting the Best C3PAOSend us a textWelcome to another episode of CMMC News! Today, we're simplifying the complexities of cybersecurity compliance, specifically diving into how to choose the right Certified Third Party Assessment Organization (C3PAO) to guide your organization to CMMC compliance. I'm your host, Wilson Bautista Jr., and in this episode, we'll break down the key considerations to make the right choice. From examining a C3PAO's experience with federal compliance frameworks like NIST 80171 and FedRAMP to assessing their industry expertise, reputation, and communication skills, we'll cover it all. Plus, we'll discuss the importance of verifying accreditation...2025-01-2106 min
Dev.Sec.LeadTransitioning to Cybersecurity: Lessons from a Veteran and CEO- Recording from CyberWorks Webinar by CyberFloridaKey Takeaways from the Episode:Navigating Career TransitionsWilson shares invaluable advice on transitioning into cybersecurity, especially for those with a non-traditional background. His path from being a musician to a cybersecurity expert at multinational companies emphasizes the importance of leveraging diverse skills and experiences.Importance of Certifications and Continuous LearningWilson highlights the significance of certifications like Security+ and CEH, while cautioning against collecting certifications without practical experience. He encourages focusing on specific roles within cybersecurity to make efficient use of your learning time.Building a Strong Professional...2025-01-1754 minCMMC News by Jun CyberAudit of the DoD’s Process for Authorizing Third Party Organizations to Perform Cybersecurity Maturity Model Certification 2.0 Assessments (Report No. DODIG-2025-056)Send us a textA Department of Defense Inspector General audit (DODIG-2025-056) revealed that the Department of Defense (DoD) inadequately implemented its process for authorizing third-party organizations to conduct Cybersecurity Maturity Model Certification (CMMC) 2.0 assessments. The audit found that the DoD failed to ensure all required steps were completed before authorizing these organizations, increasing the risk of awarding contracts to companies lacking sufficient cybersecurity controls. Two hotline allegations were substantiated. Ten recommendations were issued to improve the authorization process, focusing on implementing quality assurance measures to guarantee compliance. The DoD OIG will continue monitoring the DoD's...2025-01-1421 minCMMC News by Jun CyberFEDRAMP Moderate Equivalency for Cloud Service ProvidersSend us a textThis memorandum from the Department of Defense outlines requirements for cloud service providers (CSPs) seeking FEDRAMP Moderate equivalency. It details the necessary assessments and documentation, including security plans and testing procedures, that CSPs must meet. The memorandum emphasizes the importance of compliance with specified Defense Federal Acquisition Regulations Supplement clauses. Finally, it clarifies the roles and responsibilities of the contractor, CSP, and assessing organizations. The document aims to ensure the security of covered defense information processed by these cloud services.2025-01-0716 min