CMMC Compliance Guide Podcasts

CMMC Compliance Guide

CMMC Compliance Guide

Monthly+
 
Our experiences inspired the creation of The CMMC Compliance Guide Podcast and its accompanying resources. The podcast began as a way to share what we learned through real-world challenges—like helping that aerospace machine shop—and to provide accessible education for businesses navigating DoD cybersecurity requirements. The CMMC Compliance Guide Podcast breaks down complex topics like NIST 800-171 and CMMC into actionable, easy-to-understand steps. Whether you’re a subcontractor struggling ...
SecurityMetrics Podcast

SecurityMetrics

Monthly
 
The SecurityMetrics Podcast, hosted by Jen Stone (Principal Security Analyst, QSA, CISSP, CISA), will help you understand current data security and compliance trends. Each episode will feature a different security professional offering tips and security best practices.
Submit any questions you would like answered on the podcast! Thinking about building an enclave for CMMC compliance? Not so fast. In this episode of the CMMC Compliance Guide Podcast, Austin and Brooke from Justice IT Consulting break down: What an enclave actually is (in plain English) When an enclave makes sense (and saves you money) When it can …
 
Submit any questions you would like answered on the podcast! Think you’re ready for your CMMC assessment? In this episode of the CMMC Compliance Guide Podcast, Austin and Brooke break down the difference between being “paper ready” and truly “assessment ready.” From documentation gaps to overlooked technical controls, they share insider tips to hel…
 
Submit any questions you would like answered on the podcast! Marking a CMMC control as “Not Applicable” might feel like an easy shortcut but get it wrong, and you could fail your assessment, lose contracts, or even face legal trouble. In this episode of The CMMC Compliance Guide, Brooke and Stacey from Justice IT Consulting break down the real risk…
 
Submit any questions you would like answered on the podcast! Schedule your free SPRS Roadmap Session and get a step-by-step plan to close gaps and stay defensible: 👉 https://cmmccomplianceguide.com/free-sprs-roadmap Is CMMC just one of many hats you wear at your company? You’re not alone and you’re not out of luck. In this episode of the CMMC Compl…
 
Submit any questions you would like answered on the podcast! 48 CFR UPDATE: https://www.ecfr.gov/current/title-48/chapter-2/subchapter-A/part-204/subpart-204.75 Missed the June 2024 Cyber AB Town Hall? We’ve got you covered. In this episode of the CMMC Compliance Guide, Brooke and Austin break down the biggest takeaways — including how recent leade…
 
Submit any questions you would like answered on the podcast! Are you trying to navigate CMMC and NIST 800-171 with a small team and limited resources? You're not alone. In this episode of the CMMC Compliance Guide, we’re breaking down six of the most common and confusing questions small DoD contractors ask—and giving you clear, practical answers yo…
 
Submit any questions you would like answered on the podcast! Happy 4th of July from the team at CMMC Compliance Guide Podcast! While you're celebrating freedom, hot dogs, and fireworks — don’t forget about safeguarding the data that defends that freedom. 🛡️ In this special edition, we're tackling what really works for CMMC compliance on the shop fl…
 
Submit any questions you would like answered on the podcast! 🆓 Need help getting your SPRS score to 110? Schedule your free SPRS Roadmap Session and get a step-by-step plan to close gaps and stay defensible: 👉 https://cmmccomplianceguide.com/free-sprs-roadmap The Department of Defense just issued a critical cybersecurity memo—and it's not just for …
 
Submit any questions you would like answered on the podcast! Why is CMMC compliance so expensive—especially for small businesses? In this episode of the CMMC Compliance Guide Podcast, Austin and Brooke from Justice IT Consulting break down what really drives up the cost of CMMC and NIST 800-171 compliance, and more importantly—how you can cut costs…
 
Submit any questions you would like answered on the podcast! Is your CMMC scope setting you up for success—or failure? In this episode of the CMMC Compliance Guide, Brooke and Stacey from Justice IT Consulting break down one of the most misunderstood (and expensive) parts of your compliance journey: scoping. Learn how to define your CUI boundary th…
 
Submit any questions you would like answered on the podcast! Missed CEIC West 2025 in Las Vegas? We’ve got your insider recap. In this episode of the CMMC Compliance Guide, Austin and Brooke break down the most critical insights defense contractors need to know—from Katie Arrington’s keynote to real-world flowdown risks, mock assessment walkthrough…
 
Submit any questions you would like answered on the podcast! Are you sure you're NIST 800-171 compliant? In this episode of the CMMC Compliance Guide Podcast, Austin and Brooke break down the most overlooked NIST 800-171 requirements that continue to trip up DoD contractors—and what you can do today to avoid those costly mistakes. From data flow di…
 
Submit any questions you would like answered on the podcast! Get the latest insider takeaways from CMMC Day 2025 straight from Washington D.C. In this episode of the CMMC Compliance Guide Podcast, Brooke and Austin break down the most critical updates small and midsized businesses (SMBs) in the defense supply chain need to know now. We cover: ✅ Why…
 
Submit any questions you would like answered on the podcast! Feeling overwhelmed by CMMC compliance and NIST 800-171’s 110 controls? You’re not alone — but you don’t have to be stuck. In this episode of the CMMC Compliance Guide Podcast, Brooke and Austin break down NIST 800-171 Revision 2 in plain English — no government-speak, no tech jargon — so…
 
In this webinar, Matt Halbleib (Director of Assessments) and Lee Pierce (Director of HITRUST Sales) will discuss: How to determine which HITRUST Assessment type to choose How to prepare for a HITRUST Validation Assessment What to expect from a SecurityMetrics HITRUST Assessment Ready to discuss your HITRUST needs? Request a quote here. Read our new…
 
Submit any questions you would like answered on the podcast! Is your SPRS score putting your DoD contracts at risk? In this episode of the CMMC Compliance Guide, we break down exactly what the SPRS score is, why it matters, and how to improve it fast—before you lose out on federal work. Whether you're stuck at -72 or hovering at 80, we’ll walk you …
 
Submit any questions you would like answered on the podcast! If someone tells you CMMC compliance can't be easy… they’re not necessarily wrong — but they’re also missing the point. In this episode of the CMMC Compliance Guide Podcast, Austin and Brooke from Justice IT Consulting break down one of the biggest myths in the compliance space: that achi…
 
Submit any questions you would like answered on the podcast! In this episode of The CMMC Compliance Guide Podcast, Brooke and Austin dive into a key question many DoD contractors face: Should you handle CMMC compliance yourself or hire a consultant? We break down the risks, costs, and benefits to help you make the best decision for your business. D…
 
Submit any questions you would like answered on the podcast! In this episode of The CMMC Compliance Guide Podcast, Brooke and Stacey reveal a critical factor that could make or break your compliance journey: your IT provider. ✅ Discover why your IT provider plays a crucial role in your CMMC assessment. ✅ Learn the risks of working with an unqualifi…
 
Submit any questions you would like answered on the podcast! The DoD is tightening its cybersecurity regulations, and your aerospace contracts could be on the line. In this episode of The CMMC Compliance Guide Podcast, we break down the latest changes to CMMC, DFARS, and FAR that could directly impact your business. Join Austin and Brooke from Just…
 
Submit any questions you would like answered on the podcast! In this episode of The CMMC Compliance Guide Podcast, we break down the most important updates from the CyberAB January Town Hall. From the latest developments in CMMC implementation to the newly proposed FAR CUI rule, we discuss what these changes mean for DoD contractors and beyond. Key…
 
Submit any questions you would like answered on the podcast! In this week’s episode, Brooke Justice and guest cohost Stacey break down one of the most crucial topics for DoD contractors: how CMMC compliance directly impacts your ability to win and keep defense contracts. From understanding compliance levels to avoiding costly mistakes, we’ll walk y…
 
Submit any questions you would like answered on the podcast! In this episode of The CMMC Compliance Guide Podcast, Brooke and Stacey from Justice IT Consulting dive deep into the critical distinctions between FedRAMP Authorization and FedRAMP Equivalency. Whether you're leveraging cloud services for compliance or planning your next steps in CMMC ce…
 
Submit any questions you would like answered on the podcast! In this episode of The CMMC Compliance Guide Podcast, Brooke Justice is joined by guest cohost Stacey Flores, stepping in for Austin Justice, to bring you the key takeaways from the recent CEIC East conference. If you missed the event, don’t worry—Brooke and Stacey are here to fill you in…
 
Learn more about cyber risks for small businesses: Are you a small-medium business owner? Did you just get a message from your bank telling you to call SecurityMetrics? Are you worried about having a bad experience? Do you know what PCI even means? This episode is for you. Learn how SecurityMetrics can help you navigate this regulatory landscape. W…
 
Submit any questions you would like answered on the podcast! In this special episode, we take you behind the scenes to explore the origin story of the CMMC Compliance Guide Podcast. Join hosts, Austin and Brooke Justice as they share how the podcast began, its mission to help defense contractors navigate the complexities of CMMC compliance, and wha…
 
Submit any questions you would like answered on the podcast! In this thought-provoking episode of the CMMC Compliance Guide Podcast, Brooke and Austin Justice tackle a question that’s top of mind for many small and medium-sized businesses in the defense supply chain: Is CMMC a necessary defense in a digital war, or an unreasonable burden on SMBs? K…
 
Submit any questions you would like answered on the podcast! In this special episode of the CMMC Compliance Guide Podcast, hosts Brooke and Austin Justice are joined by Chris Silvers, one of less than 100 individuals officially certified as both a Certified CMMC Provisional Assessor and Instructor. With over 25 years of cybersecurity experience, Ch…
 
Submit any questions you would like answered on the podcast! In this episode, Brooke and Austin Justice dive into the latest CyberAB townhall update, sharing key insights for defense contractors. Stay informed on the latest CMMC developments, compliance changes, and how they could impact your business. Whether you're navigating CMMC 2.0 or simply t…
 
Submit any questions you would like answered on the podcast! Are you a DoD contractor navigating the complexities of the 32 CFR Rule? In this video, we break down the key aspects of the 32 CFR Rule, explaining how it impacts defense contractors and the steps you need to take to stay compliant. Whether you're new to the defense industry or need a re…
 
Submit any questions you would like answered on the podcast! In this episode, Brooke and Austin Justice dive into the latest CyberAB townhall update, sharing key insights for defense contractors. Stay informed on the latest CMMC developments, compliance changes, and how they could impact your business. Whether you're navigating CMMC 2.0 or simply t…
 
Submit any questions you would like answered on the podcast! In this in-depth discussion, Austin and Brooke Justice from Justice IT Consulting break down the critical updates and challenges associated with the new 48 CFR proposed rule for CMMC 2.0 compliance. Learn about the key differences from previous regulations, the most significant hurdles Do…
 
Join us on this extra long episode as SecurityMetrics experts Jen Stone, Gary Glover, Aaron Willis and Chad Horton dive deep into the evolving landscape of PCI compliance for e-commerce businesses. With the deadline for PCI 4.0 rapidly approaching, understanding the new requirements for e-commerce is crucial. In this episode, our panelists discuss:…
 
Download the guide: https://www.cisecurity.org/insights/white-papers/from-both-sides-a-parental-guide-to-protecting-your-childs-online-activity Are you a parent looking for guidance on how to keep kids safe online? Join us for a candid conversation with Sean Atkinson, CISO at the Center for Internet Security, and his daughter, Emma, as they discuss…
 
Links from the episode: https://405d.hhs.gov/ Discover the latest trends and threats in healthcare cybersecurity. This episode explores the real-world impact of cyberattacks on patient care, the vulnerabilities of medical devices, and the strategies organizations can implement to protect their sensitive data. Request a Quote for a PCI Audit ► https…
 
Confused about PCI DSS compliance standards? This video breaks down each available SAQ type, including: SAQ-A, SAQ P2PE-HW, SAQ D for Service Providers, and the newly introduced SAQ SPoC for PCI DSS 4.0. Learn which one is right for your business based on your payment processing environment. Learn about: Different SAQ types for merchants Eligibilit…
 
Join Jen Stone as she chats with DevOps engineer and Day Two DevOps podcaster Kyler Middleton about her unique journey from a rural upbringing to becoming a DevOps expert. Discover how Kyler's passion for teaching led her to a career in technology, and learn about the importance of automation and documentation in building secure and efficient cloud…
 
Is your penetration testing just a compliance formality? This episode of the SecurityMetrics Podcast redefines pen testing as a strategic partnership, empowering you to get the most out of your assessments. Join Jen Stone and James Farnsworth as they discuss: The critical role of scoping: Learn how to align business needs with technical assessments…
 
This episode of the SecurityMetrics Podcast is a valuable resource for MSPs who want to learn more about HIPAA compliance and how to better serve their healthcare clients. Join Jen Stone and David Sims to learn more about how Managed Service Providers (MSPs) can empower healthcare organizations to achieve HIPAA compliance. Learn about: The challeng…
 
Struggling to automate security tasks? Feeling overwhelmed by the process? This episode of the SecurityMetrics podcast dives deep into the world of automation with guest Mollie Breen, founder and CEO of Perygee. Mollie, a recognized cybersecurity and innovation expert, dismantles the myth of automation being a complex "one size fits all" solution. …
 
There are four key questions to ask about your data: Where is it? What data do you have? Who has access? What risks are associated with how the data is accessed? Tune in this week as Jen Stone sits down with award-winning entrepreneur, Ani Chaudhuri, to discuss data security and data risk management. Listen to learn: Why automation is essential for…
 
Becoming a penetration tester in the world of cybersecurity can be more complex than you'd think, but don't let that spook you. Tune in this week as Jen Stone sits down with James Farnsworth (Team Lead / Senior Penetration Tester at SecurityMetrics) to discuss the various paths to becoming a penetration tester. Listen to learn: The best tools to le…
 
Tune into the SecurityMetrics Podcast this week as host Jen Stone interviews Tillery, Director of Training and Education at Neuvik, to learn about the cybersecurity skills gap and how to bridge it. Listen to learn: How to attain an entry-level cybersecurity position. Why companies should focus more on employee trainings. The benefits of allowing em…
 
Tune in this week as Jen Stone sits down with Ryan Leirvik (founder and CEO of Neuvik) to discuss how to effectively communicate cybersecurity risk to a board of directors. Listen to learn: How to frame cybersecurity risks in a way that aligns with business objectives and priorities. How to break down complex security concepts for executives. How t…
 
Tune in this week as Jen Stone sits down with Donna Grindle (CEO of Kardon) to learn about the Health Industry Cybersecurity Practices (HICP) framework and how the 405(d) initiative and the Health Sector Coordinating Council (HSCC) are working together to provide free cybersecurity guidance to healthcare organizations. Listen to learn: How the HHS …
 
Tune in this week as Jen Stone sits down with Candice Pressinger, an award-winning payment security leader, discussing the critical role acquirers play in the PCI ecosystem. This episode is a valuable resource for merchants seeking to understand acquirer roles in PCI compliance and gain insights into the broader payments industry. Listen to learn: …
 
HITRUST certification can be a significant undertaking. However, with the right guidance and support, organizations can overcome the challenges and establish a strong foundation for data security. Tune in this week as Jen Stone (MCIS, CISSP, CISA, QSA) sits down with Lee Pierce (Director of Enterprise Sales at SecurityMetrics) and Peter Briel (Foun…
 
In this episode of the SecurityMetrics Podcast, Jen Stone chats with Keith O' Looney, an expert in multi-factor authentication (MFA) and PCI DSS compliance. They discuss the new requirements for MFA in PCI DSS 4.0, the challenges organizations face in implementing MFA, and how behavioral biometrics offer a unique solution. Learn how to navigate the…
 
In this episode of the SecurityMetrics podcast, Jen Stone chats with Heidi Babi (PCI Security Assurance & Compliance Sr. Lead at Mars Corporation) about managing PCI compliance in a massive, complex organization with hundreds of data flows. Listen to learn: How to break down overwhelming requirements into manageable steps and design flexible soluti…
 
Join Jen Stone of SecurityMetrics as she sits down with two industry veterans, Gary Glover (VP of Assessments at SecurityMetrics) and Andy Barratt (VP of Assurance Business at Coalfire), for a lively discussion about their careers, the challenges of PCI compliance, and the unique collaboration they share through the PCI Security Standards Council's…