Best CMMC Compliance Guide Podcasts (2025)

1
Cyber AB Town Hall September 2025: Key CMMC Compliance Updates 33:55

Play Pause

4h ago33:55

33:55

Submit any questions you would like answered on the podcast! The September 2025 Cyber AB Town Hall dropped big updates for contractors navigating CMMC and NIST 800-171 compliance. In this episode of the CMMC Compliance Guide Podcast, Brooke and Austin break down what the final CMMC rule (Title 48A) means for defense contractors, subcontractors, and…

1
NIST Small Business Primer and Quick Start Guides 1:01:07

3h ago1:01:07

1:01:07

Today we’re talking about something that may sound government-heavy but is actually critical for MSPs and the SMBs they serve: the new NIST Small Business Primer for SP 800-171 Rev. 3. At its core, this guide is about protecting Controlled Unclassified Information, or CUI. And while that might sound like it only applies to defense contractors, the …

1
Handling CUI Correctly: Compliance Risks and Best Practices 17:06

4d ago17:06

17:06

Submit any questions you would like answered on the podcast! Worried about mishandling Controlled Unclassified Information (CUI)? In this episode of the CMMC Compliance Guide Podcast, Brooke and Stacey break down what CUI really is, why it matters in defense contracting, and the biggest mistakes contractors make when handling it. You’ll also learn …

1
Microsegmentation Demystified: What Every MSP & Client Should Know 1:03:02

11d ago1:03:02

1:03:02

Today we’re tackling microsegmentation—a solution that could change the game against ransomware. Ransomware thrives on lateral movement: one compromised device turns into an entire network takedown. Microsegmentation stops that by creating secure ‘neighborhoods’ inside the network, containing the damage before it spreads. The big questions: can MSP…

1
CMMC Final Rule Explained: Deadlines, Requirements, and Next Steps for Defense Contractors 15:33

15d ago15:33

15:33

Submit any questions you would like answered on the podcast! The wait is over: the Department of Defense has finalized the CMMC rule, officially making it part of DFARS. That means compliance isn’t “coming soon”, it’s now in your contracts. In this episode of the CMMC Compliance Guide Podcast, Austin and Brooke from Justice IT Consulting break down…

1
AI’s Evolving Role in Attacks & Incident Reponse 1:01:04

14d ago1:01:04

1:01:04

Over the past couple of days, I was digging into the latest Anthropic Threat Report and one section really hit me. They wrote: ‘We’ve developed sophisticated safety and security measures to prevent misuse of our AI models. While generally effective, cybercriminals keep finding ways around them.’ And then they shared some eye-opening case studies—th…

1
CMMC Compliance Under 48 CFR Rollout 40:09

15d ago40:09

40:09

In this episode of Cherry Bekaert’s GovCon podcast, Neal Beggan is joined by cybersecurity professionals Steven Ursillo and Brian Kirk for a comprehensive deep dive into the current state of Cybersecurity Maturity Model Certification (CMMC) compliance. They discuss how 48 CFR will reshape the enforcement of cybersecurity requirements in government …

1
The Role of NIST 800-171 in Your CMMC Assessment 29:46

18d ago29:46

29:46

Submit any questions you would like answered on the podcast! Confused about where NIST 800-171 fits into your CMMC 2.0 assessment? You’re not alone. In this episode of the CMMC Compliance Guide, Brooke and Stacey from Justice IT Consulting break it all down in plain English. We cover the foundation of NIST 800-171, how it maps into the CMMC levels,…

1
Encryption to Extortion, the Evolution of Cloud Based Attacks 1:02:02

22d ago1:02:02

1:02:02

In this session we talk about Salesloft Drift and the implications of OAuth based attacks. Companies use Drift with Salesloft to automate lead capture + sales workflows into Salesforce.com. Enter Nation State threat actor UNC6395, who was able to steal the tokens and gain a backdoor into Salesforce via these OAuth tokens. We then dive into the Evol…

1
The Truth About CMMC Enclaves: Pros, Cons, and Compliance Risks 29:27

1M ago29:27

29:27

Submit any questions you would like answered on the podcast! Thinking about building an enclave for CMMC compliance? Not so fast. In this episode of the CMMC Compliance Guide Podcast, Austin and Brooke from Justice IT Consulting break down: What an enclave actually is (in plain English) When an enclave makes sense (and saves you money) When it can …

1
When Cyber Hits the Fan: How Your Contracts Protect or Expose You 59:42

1M ago59:42

59:42

Last week, we dug into the surge of SonicWall VPN compromises. At first, there was speculation about a possible new zero day — but as the dust settled, we learned it was far more familiar: unpatched systems, misconfigurations, stale service accounts. One of the biggest takeaways came from breach attorney Spencer Pollack, who cautioned MSPs: don’t s…

1
Are You Really Ready for a CMMC Assessment? 31:54

1M ago31:54

31:54

Submit any questions you would like answered on the podcast! Think you’re ready for your CMMC assessment? In this episode of the CMMC Compliance Guide Podcast, Austin and Brooke break down the difference between being “paper ready” and truly “assessment ready.” From documentation gaps to overlooked technical controls, they share insider tips to hel…

1
Akira Ransomware’s Relentless Attack on SonicWall SSLVPNs 1:02:45

2M ago1:02:45

1:02:45

In this session of The CyberCall, we’re cutting straight into one of the most relentless threats MSPs and their clients are facing right now—targeted ransomware attacks exploiting SonicWall SSLVPNs, with signs the attackers are already shifting to Fortinet VPNs. This isn’t theory. It’s happening in the wild, and the fallout is real. Huntress has be…

1
When ‘Not Applicable’ Can Cost You Contracts 16:51

2M ago16:51

16:51

Submit any questions you would like answered on the podcast! Marking a CMMC control as “Not Applicable” might feel like an easy shortcut but get it wrong, and you could fail your assessment, lose contracts, or even face legal trouble. In this episode of The CMMC Compliance Guide, Brooke and Stacey from Justice IT Consulting break down the real risk…

1
Selling IT & Cybersecurity Services to the CFO (the one who writes the checks) 1:00:43

2M ago1:00:43

1:00:43

When MSPs are selling IT and security services, the real decision often comes from the person who owns the budget and measures the risk — the CFO. In this session of The CyberCall, we’re getting inside that mindset. Jason Duncan, CFO of InfoSystems, has over two decades of experience working as a Corporate Controller & CFO, making financial, IT & s…

1
From Tokens to Trust: Microsoft’s Biggest Security Shift Yet 1:01:52

2M ago1:01:52

1:01:52

This week, we’re diving into three huge shifts happening in the Microsoft ecosystem that every MSP should have on their radar: · Token Protection is now available for Entra ID P1 licenses — and it’s a game changer for securing identity tokens and stopping session hijacking. · GDAP — the move from legacy DAP to Granular Delegated Admin Privileges — …

1
How to Make Real CMMC Progress: Even if Compliance Isn’t Your Full-Time Job 45:44

2M ago45:44

45:44

Submit any questions you would like answered on the podcast! Schedule your free SPRS Roadmap Session and get a step-by-step plan to close gaps and stay defensible: 👉 https://cmmccomplianceguide.com/free-sprs-roadmap Is CMMC just one of many hats you wear at your company? You’re not alone and you’re not out of luck. In this episode of the CMMC Compl…

1
From Milestone to Mandate: What the Latest CMMC Update Means for Your MSP & Your Clients 1:00:28

2M ago1:00:28

1:00:28

Big news for the defense and MSP community: The 48 CFR CMMC final rule has officially reached OMB review. This is the second-to-last milestone before publication in the Federal Register — and we’re expecting to see the final rule land by October with no 60-day delay. Translation? The phased rollout begins Q4 2025. If you work with defense contracto…

1
What You Missed: June Cyber AB Town Hall CMMC Highlights 31:26

2M ago31:26

31:26

Submit any questions you would like answered on the podcast! 48 CFR UPDATE: https://www.ecfr.gov/current/title-48/chapter-2/subchapter-A/part-204/subpart-204.75 Missed the June 2024 Cyber AB Town Hall? We’ve got you covered. In this episode of the CMMC Compliance Guide, Brooke and Austin break down the biggest takeaways — including how recent leade…

1
Government Contracting Joint Ventures Explained 15:51

2M ago15:51

15:51

In this episode of Cherry Bekaert’s GovCon Podcast, Advisory Managing Director Michael Cippel and Senior Audit Manager Sarah Tucker explore the foundational principles and nuanced challenges of joint ventures (JVs) within the government contracting sector. Tune in to learn about: ► Definition and Structure of JVs ► Strategic Benefits of JVs ► Types…

1
What Makes a Good vCISO & Delivering at Scale 1:01:17

2M ago1:01:17

1:01:17

Last week, we tackled a big one: 'Risk, Revenue, Responsibility: The Real Job of the vCISO — and it sparked an incredible conversation around how vCISOs are no longer just about frameworks and firewalls, but about protecting business outcomes, navigating executive risk, and helping clients make strategic decisions. This week, we’re taking it a step…

1
6 Critical CMMC Questions Every Small DoD Contractor Should Know 17:30

3M ago17:30

17:30

Submit any questions you would like answered on the podcast! Are you trying to navigate CMMC and NIST 800-171 with a small team and limited resources? You're not alone. In this episode of the CMMC Compliance Guide, we’re breaking down six of the most common and confusing questions small DoD contractors ask—and giving you clear, practical answers yo…

1
Risk, Revenue, and Responsibility: The vCISO’s Real Job 1:01:30

3M ago1:01:30

1:01:30

In this episode of The CyberCall, we're cutting through the noise and rethinking the true purpose of the vCISO role. It’s not just about frameworks, policies, and tech stacks, it’s about tying risk to business outcomes (risk to revenue). The vCISO’s true value goes way beyond compliance checklists and technical jargon; it’s about being a business p…

1
The Ingram Micro Cyber Incident & Building Security Maturity - F12’s ISO 27001Journey 1:03:30

3M ago1:03:30

1:03:30

Supply chain attacks doubled according to the 2025 Verizon DBIR. This week the channel awakens to Ingram Micro being attacked by the SafePay Ransomware group. Incident Response (IR) expert, Chris Loehr, EVP of Solis joins The CyberCall, to share perspective on the GlobalProtect VPN compromise. That’s why today on today's CyberCall, we’re talking ab…

1
CMMC on the Shop Floor: A No-BS Guide for CNC & Aerospace Machine Shops 26:51

3M ago26:51

26:51

Submit any questions you would like answered on the podcast! Happy 4th of July from the team at CMMC Compliance Guide Podcast! While you're celebrating freedom, hot dogs, and fireworks — don’t forget about safeguarding the data that defends that freedom. 🛡️ In this special edition, we're tackling what really works for CMMC compliance on the shop fl…

1
The Intersection of AI, RPA & Cyber - What Your MSP Needs to Know 59:50

3M ago59:50

59:50

In this must-listen episode of The CyberCall, hosts Andrew Morgan, Phyllis Lee & Gary Pica are joined by Aharon Chernin, Founder & CEO of Rewst — to explore how Artificial Intelligence (AI), Robotic Process Automation (RPA), and Cybersecurity are colliding in today’s MSP landscape. Tune in to learn what your MSP needs to know now to stay ahead! Con…

1
Ceasefire’s Here, But Your Shop’s Still a Target: What the DoD CIO Just Told Defense Contractors 23:44

3M ago23:44

23:44

Submit any questions you would like answered on the podcast! 🆓 Need help getting your SPRS score to 110? Schedule your free SPRS Roadmap Session and get a step-by-step plan to close gaps and stay defensible: 👉 https://cmmccomplianceguide.com/free-sprs-roadmap The Department of Defense just issued a critical cybersecurity memo—and it's not just for …

1
Breaking Down the Real Cost of CMMC Compliance for Small Businesses 31:44

4M ago31:44

31:44

Submit any questions you would like answered on the podcast! Why is CMMC compliance so expensive—especially for small businesses? In this episode of the CMMC Compliance Guide Podcast, Austin and Brooke from Justice IT Consulting break down what really drives up the cost of CMMC and NIST 800-171 compliance, and more importantly—how you can cut costs…

1
How to Scope CMMC Correctly: Avoid Audit Failures, Over-Scoping, and Cloud Risks 12:17

4M ago12:17

12:17

Submit any questions you would like answered on the podcast! Is your CMMC scope setting you up for success—or failure? In this episode of the CMMC Compliance Guide, Brooke and Stacey from Justice IT Consulting break down one of the most misunderstood (and expensive) parts of your compliance journey: scoping. Learn how to define your CUI boundary th…

1
What You Missed at CEIC West 2025: CMMC Culture, AI Labeling, and Subcontractor Risks 51:51

4M ago51:51

51:51

Submit any questions you would like answered on the podcast! Missed CEIC West 2025 in Las Vegas? We’ve got your insider recap. In this episode of the CMMC Compliance Guide, Austin and Brooke break down the most critical insights defense contractors need to know—from Katie Arrington’s keynote to real-world flowdown risks, mock assessment walkthrough…

1
How to Identify and Fix Your NIST 800-171 Weak Spots 36:38

4M ago36:38

36:38

Submit any questions you would like answered on the podcast! Are you sure you're NIST 800-171 compliant? In this episode of the CMMC Compliance Guide Podcast, Austin and Brooke break down the most overlooked NIST 800-171 requirements that continue to trip up DoD contractors—and what you can do today to avoid those costly mistakes. From data flow di…

1
CMMC Day 2025 Recap: Key Takeaways, Real-World Mistakes & What SMBs Must Fix Now 56:52

5M ago56:52

56:52

Submit any questions you would like answered on the podcast! Get the latest insider takeaways from CMMC Day 2025 straight from Washington D.C. In this episode of the CMMC Compliance Guide Podcast, Brooke and Austin break down the most critical updates small and midsized businesses (SMBs) in the defense supply chain need to know now. We cover: ✅ Why…

1
Decoding NIST 800-171: Your Plain English Path to CMMC Level 2 Compliance 59:20

5M ago59:20

59:20

Submit any questions you would like answered on the podcast! Feeling overwhelmed by CMMC compliance and NIST 800-171’s 110 controls? You’re not alone — but you don’t have to be stuck. In this episode of the CMMC Compliance Guide Podcast, Brooke and Austin break down NIST 800-171 Revision 2 in plain English — no government-speak, no tech jargon — so…

1
How to Improve Your SPRS Score Before It Costs You Contracts 9:12

6M ago9:12

9:12

Submit any questions you would like answered on the podcast! Is your SPRS score putting your DoD contracts at risk? In this episode of the CMMC Compliance Guide, we break down exactly what the SPRS score is, why it matters, and how to improve it fast—before you lose out on federal work. Whether you're stuck at -72 or hovering at 80, we’ll walk you …

1
The E.A.S.Y Framework That Makes CMMC Actually Doable 13:15

6M ago13:15

13:15

Submit any questions you would like answered on the podcast! If someone tells you CMMC compliance can't be easy… they’re not necessarily wrong — but they’re also missing the point. In this episode of the CMMC Compliance Guide Podcast, Austin and Brooke from Justice IT Consulting break down one of the biggest myths in the compliance space: that achi…

1
CMMC Compliance Consulting vs. DIY Compliance: Which Is the Smarter, More Cost-Effective Choice? 33:17

6M ago33:17

33:17

Submit any questions you would like answered on the podcast! In this episode of The CMMC Compliance Guide Podcast, Brooke and Austin dive into a key question many DoD contractors face: Should you handle CMMC compliance yourself or hire a consultant? We break down the risks, costs, and benefits to help you make the best decision for your business. D…

1
Your IT Provider: The Keystone to Passing CMMC – or the Hidden Risk That Could Cost You Everything 8:34

7M ago8:34

8:34

Submit any questions you would like answered on the podcast! In this episode of The CMMC Compliance Guide Podcast, Brooke and Stacey reveal a critical factor that could make or break your compliance journey: your IT provider. ✅ Discover why your IT provider plays a crucial role in your CMMC assessment. ✅ Learn the risks of working with an unqualifi…

1
How the DoD’s Cybersecurity Crackdown Could Impact Your Aerospace Contracts 50:17

7M ago50:17

50:17

Submit any questions you would like answered on the podcast! The DoD is tightening its cybersecurity regulations, and your aerospace contracts could be on the line. In this episode of The CMMC Compliance Guide Podcast, we break down the latest changes to CMMC, DFARS, and FAR that could directly impact your business. Join Austin and Brooke from Just…

1
CyberAB January Town Hall Updates: Key CMMC & FAR CUI Rule Insights for DoD Contractors 15:19

7M ago15:19

15:19

Submit any questions you would like answered on the podcast! In this episode of The CMMC Compliance Guide Podcast, we break down the most important updates from the CyberAB January Town Hall. From the latest developments in CMMC implementation to the newly proposed FAR CUI rule, we discuss what these changes mean for DoD contractors and beyond. Key…

1
Accounting Manager vs. Controller vs. CFO Explained 15:13

7M ago15:13

15:13

In this episode of Cherry Bekaert’s Government Contracting podcast, host Jonathan Reid, Director, is joined by Mike Cippel, Managing Director, to discuss the job differences between accounting managers, controllers and chief financial officers (CFO). Tune in to learn more about: The definition of an accounting manager, controller and CFO Key differ…

1
CMMC Compliance: How to Win DoD Contracts & Avoid Costly Mistakes 26:02

8M ago26:02

26:02

Submit any questions you would like answered on the podcast! In this week’s episode, Brooke Justice and guest cohost Stacey break down one of the most crucial topics for DoD contractors: how CMMC compliance directly impacts your ability to win and keep defense contracts. From understanding compliance levels to avoiding costly mistakes, we’ll walk y…

1
Navigating Stop-Work Orders and Contract Termination 26:48

8M ago26:48

26:48

As of Monday, January 28, President Donald Trump has signed various executive orders requiring the halt of federal funding for various programs. This will allow the administration to determine the program’s alignment with legal and presidential priorities. These orders impact funding for foreign aid, non-governmental organizations, diversity, equit…

1
FedRAMP Authorization vs. Equivalency: What Your Business Needs to Know 14:03

8M ago14:03

14:03

Submit any questions you would like answered on the podcast! In this episode of The CMMC Compliance Guide Podcast, Brooke and Stacey from Justice IT Consulting dive deep into the critical distinctions between FedRAMP Authorization and FedRAMP Equivalency. Whether you're leveraging cloud services for compliance or planning your next steps in CMMC ce…

1
2024 Compliance Wrapped: Insights from CEIC East 27:25

9M ago27:25

27:25

Submit any questions you would like answered on the podcast! In this episode of The CMMC Compliance Guide Podcast, Brooke Justice is joined by guest cohost Stacey Flores, stepping in for Austin Justice, to bring you the key takeaways from the recent CEIC East conference. If you missed the event, don’t worry—Brooke and Stacey are here to fill you in…

1
Project Cost & Tax Considerations for Government Contractors 16:18

9M ago16:18

16:18

In this episode of Cherry Bekaert’s Government Contracting podcast, we discuss what to consider when planning the cost of a project. Eric Poppe, a Managing Director in the Government Contracting Industry practice, is joined by Jonathan Reid, a Director in Outsourced Accounting Services. Tune in to learn more about: What to expect when reporting cos…

1
Forward Pricing Rates: Key Benefits Explained 12:07

10M ago12:07

12:07

In this episode of Cherry Bekaert’s Government Contracting podcast, host Jeff Annessa, a Senior Manager in the Firm’s Government Contracting practice, is joined by Jade Casey, a director in the Firm’s Government Contracting Services group. Jeff spent more than 13 years working with the Defense Contract Audit Agency (DCAA) and brings valuable experi…

1
Effective Deltek Costpoint Tips for Businesses 8:21

10M ago8:21

8:21

In this episode of Cherry Bekaert’s Government Contracting podcast, Romain Robveille, Advisory Services Director, is joined by Justin Pell, Senior Manager, for an overview of the Deltek Costpoint software and how to get the most out of this system. Tune in to learn more about: Effective uses of Deltek Costpoint for businesses Issues with current Co…

1
Truthful Cost or Pricing Data Act: A Government Contractors' Guide 17:44

10M ago17:44

17:44

In this episode of Cherry Bekaert’s Government Contracting podcast, host Brendan Halloran, a Director in Cherry Bekaert’s Government Contracting Industry practice, is joined by Jeff Annessa, a Senior Manager in the Firm’s Government Contracting practice. Bringing extensive knowledge and experience in the government contracting space, Brendan and Je…

1
Unanet Key Features and Benefits Overview 18:12

10M ago18:12

18:12

In this episode of Cherry Bekaert’s Government Contracting podcast, host and Advisory Services Manager Shaydah Naraghi is joined by Advisory Services Senior Manager Christine DeYuliis to discuss how Unanet could help guide your business forward. Tune in to learn more about: How Unanet got its name How long it typically takes employees to adopt time…

1
A Digital War or an Unreasonable Ask for SMB's? (WARNING: SOAPBOX EPISODE) 49:57

10M ago49:57

49:57

Submit any questions you would like answered on the podcast! In this thought-provoking episode of the CMMC Compliance Guide Podcast, Brooke and Austin Justice tackle a question that’s top of mind for many small and medium-sized businesses in the defense supply chain: Is CMMC a necessary defense in a digital war, or an unreasonable burden on SMBs? K…