Climbing Mount CMMC

In the season 4 finale of Climbing Mount CMMC, Kaleigh and Bobby share their extensive experience navigating the complexities of achieving CMMC Level 2 certification as an MSP. They discuss the importance of commitment, education, strategic planning, and the realities of scaling support for governme...

In this episode of Climbing Mount CMMC, Kaleigh and Bobby discuss the concept of grace within the CMMC framework, particularly focusing on the NIST 800-171 controls, the role of C3PAOs, and the importance of mock assessments. They emphasize the need for proper training and certification, the signifi...

In this episode of Climbing Mount CMMC, Bobby and Adam discuss the implications of Rev3 for MSPs in the context of CMMC. They explore the challenges MSPs face in achieving compliance, the role of external service providers, and the importance of documentation and shared responsibilities. They highli...

In this episode of Climbing Mount CMMC, Bobby and Adam discuss the intricacies of Plan of Action and Milestones (POAM) in the context of cybersecurity assessments. They explore the importance of having a clear understanding of what constitutes a POAM, the distinction between operational plans and as...

In this episode of Climbing Mounts CMMC, hosts Kaleigh Floyd and Bobby Guerra discuss the five stages of grief related to the CMMC compliance journey. They share personal experiences and insights on denial, anger, bargaining, depression, and acceptance, emphasizing the importance of understanding th...

In this episode, Kaleigh Floyd, Bobby Guerra, and Adam Evans discuss the complexities surrounding Cloud Service Providers (CSPs) and Managed Service Providers (MSPs) in the context of CMMC compliance. They clarify the definitions, roles, and responsibilities of MSPs and CSPs, particularly in relatio...

In this episode, the hosts discuss the significant changes introduced in NIST 800-171 Rev 3, focusing on the transition from Rev 2 to Rev 3, the importance of Organizational Defined Parameters (ODPs), and the role of external service providers in compliance. They emphasize the need for System Securi...

In this episode, Kaleigh and Bobby are joined by Axiom's own, Adam Evans, to discuss the significant changes introduced in NIST 800-171 Rev 3, focusing on the transition from Rev 2 to Rev 3, the importance of Organizational Defined Parameters (ODPs), and the role of external service providers in com...

In this episode, Kaleigh and Bobby discuss the complexities of managing Controlled Unclassified Information (CUI) within the framework of CMMC compliance. They explore the challenges of physical boundaries, the role of personnel in safeguarding CUI, and the implications of printing and disposing of ...

In this episode of "Climbing Mount CMMC," hosts Kaleigh Floyd and Bobby Guerra delve into the intricacies of preparing for a CMMC Level 2 assessment, particularly focusing on the role of external service providers (ESPs) and Managed Service Providers (MSPs). They emphasize the importance of selectin...

In this episode of Climbing Mount CMMC, hosts Bobby and Kaleigh discuss the critical topic of self-attestation for CMMC level two requirements. They explore the evolution of self-attestation, the risks associated with misrepresentation, and the importance of accountability in the self-assessment pro...

In this episode, Kaleigh and Bobby discuss the significant changes and challenges that companies will face in 2026 regarding CMMC compliance. They delve into the implications of new CMMC Level 2 requirements, the importance of self-assessments versus third-party assessments, and the potential conseq...

In this episode, Kaleigh Floyd and Bobby Guerra discuss the intricacies of change management within Managed Service Providers (MSPs) and its critical role in ensuring compliance with CMMC standards. They emphasize the importance of leadership buy-in, effective training for both client and internal s...

In this conversation, Dy Edington discusses the essence of CMMC, emphasizing that it is not merely about following specific procedures but about achieving results with consistency and transparency. She highlights the significance of managing change effectively to prevent unexpected disruptions, link...

In this episode, Bobby interviews Axiom's Marketing Coordinator, Maleah Adams, about her experience taking the CCP (CMMC Certified Professional) course. In a brief conversation, they touch on what CMMC looks like from a beginner's perspective and how the CCP course helped shaped that knowledge. She ...

In this episode of Climbing Mount CMMC, Kaleigh Floyd and Kelly Hood discuss the essential steps for small businesses to navigate the complexities of CMMC compliance. They emphasize the importance of understanding the foundational reasons behind CMMC, the necessity of leadership involvement, and the...

This webinar discussion provides an in-depth exploration of the CMMC Level 2 assessment process, including the phases of assessment, methodologies, and the importance of media sanitization and risk assessments. The speakers share their experiences and insights, emphasizing the need for thorough prep...

In this episode, Kaleigh Floyd, Bobby Guerra, and Vincent Scott discuss the upcoming rollout of the Cybersecurity Maturity Model Certification (CMMC) and the challenges facing the defense industrial base. They explore the readiness of organizations seeking certification, the role of implementers, an...

In this episode, Kaleigh interviews Logan Therrien from Kieri to discuss the role of C3PAOs in the CMMC ecosystem. They explore the importance of proper preparation for CMMC Level Two certification, common pitfalls organizations face during self-assessments, and the critical nature of documentation....

In this episode, Kaleigh Floyd and Bobby Guerra discuss the complexities of CMMC compliance, focusing on NIST 800-171 controls, self-assessments, risk reviews, change management, and the importance of tools in the compliance process. They emphasize the challenges faced by Managed Service Providers (...