All Episodes
Mission Compliance: Unleashing Growth Potential For Defense Contractors — 153 episodes
Understanding CMMC 2.0 Controls: P.S.L2-3.9.2: Ensure that organizational systems containing CUI are protected during and after personnel actions such as terminations and transfers | Episode 153
Why Most Contractors Aren’t Ready for a CMMC Level 2 Audit | Episode 152
Understanding CMMC 2.0 Controls: P.S.L2-3.9.1: Screen individuals prior to authorizing access to organizational systems containing CUI | Episode 151
Hidden Cloud Costs That Can Derail Your Compliance | Episode 150
What Needs To Be In Your CUI Flow Diagram For Certification | Episode 149
Understanding CMMC 2.0 Controls MP.L2-3.8.9 - Prohibit the use of portable storage devices when such devices have no identifiable owner | Episode 148
Understanding CMMC 2.0 Controls MP.L2-3.8.8 - Prohibit the use of portable storage devices when such devices have no identifiable owner | Episode 147
Why So Many Companies Are Failing Their CMMC Certification | Episode 146
Understanding CMMC 2.0 Controls MP.L2-3.8.7 - Control the use of removable media on system components | Episode 145
Understanding CMMC 2.0 Controls MP.L2-3.8.6 - Implement cryptographic mechanisms to protect the confidentiality of CUI stored on digital media during transport unless otherwise protected by alternative physical safeguards | Episode 144
What Defense Contractors Need to Know About the 2026 FAR & DFARS Cybersecurity Overhaul | Episode 143
Understanding CMMC 2.0 Controls MP.L2-3.8.5 - Control Access to Media Containing CUI | Episode 142
Understanding CMMC 2.0 Controls MP.L2-3.8.4 - Mark media with necessary CUI markings and distribution limitations | Episode 141
Why CMMC Consulting Isn’t Always Objective & What You Can Do | Episode 140
How CMMC Just Got Cheaper & Why That’s a Big Deal | Episode 139
ALWAYS Escort Visitors & Unauthorized Users When CUI Is Present | Episode 138
The Dangers of an Azure Government Shared Tenant Scenario | Episode 137
When the Right Solution is Office 365 GCC High — and When You Really Need Azure Virtual Machines | Episode 136
Understanding CMMC 2.0 Controls MP.L2-3.8.3 - Sanitize or destroy system media containing CUI before disposal or release for reuse | Episode 135
Understanding CMMC 2.0 Controls: MP.L2-3.8.2 - Limit access to CUI on system media to authorized users | Episode 134
Understanding CMMC 2.0 Controls: MP.L2-3.8.1 - Protect (i.e., physically control and securely store) system media containing CUI, both paper and digital | Episode 133
The Role of Cloud Services in Defense Contracting Compliance | Episode 132
Understanding CMMC 2.0 Controls: MA.L2-3.7.6 - Supervise the maintenance activities of maintenance personnel without required access authorization | Episode 131
Why We Don’t Dwell on the Negative Consequences of Non Compliance | Episode 130
Understanding CMMC 2.0 Controls: MA.L2-3.7.5 - Require multifactor authentication to establish nonlocal maintenance sessions via external network connections and terminate such connections when nonlocal maintenance is complete | Episode 129
Understanding CMMC 2.0 Controls: MA.L2-3.7.4 - Check media containing diagnostic and test programs for malicious code before the media are used in organizational systems | Episode 128
Why You Need To Get Moving On Your CMMC Level 2 Preparation Now! | Episode 127
Why You Might Be Completely Overlooking CUI in Your Sales Process | Episode 126
Understanding CMMC 2.0 Controls: MA.L2-3.7.3: Ensure equipment removed for off-site maintenance is sanitized of any CUI | Episode 125
Understanding CMMC 2.0 Controls: MA.L2-3.7.2: Provide controls on the tools, techniques, mechanisms, and personnel used to conduct system maintenance | Episode 124
What Is CUI in the Sales Process for Defense Contractors | Episode 123
Understanding CMMC 2.0 Controls: MA.L2-3.7.1: Perform maintenance on organizational systems | Episode 122
Why Some Types of CUI Require Extra Controls | Episode 121
From Compliance Chaos to Inc 5000! | Episode 120
What We Learned Passing Our DIBCAC CMMC Level 2 C3PAO Audit | Episode 119
Understanding CMMC 2.0 Controls: IR.L2-3.6.3: Test the organizational incident response capability | Episode 118
Tools That Can Help You Achieve CMMC Level 2 Compliance Quickly | Episode 117
Understanding CMMC 2.0 Controls: IR.L2-3.6.2: Track, document, and report incidents to designated officials and/or authorities both internal and external to the organization | Episode 116
The Latest Update to the SPRS System: Self-Certifying Your CMMC Level | Episode 115
Decoding the Latest DoD Guidance on CMMC Levels | Episode 114
Episode 113: Understanding CMMC 2.0 Controls: IR.L2-3.6.1: Establish an operational incident-handling capability for organizational systems that includes preparation, detection, analysis, containment, recovery, and user response activities
Why You Need A Vulnerability Scanning Solution And Why Antivirus Won't Cut It | Episode 112
Understanding CMMC 2.0 Controls: IA.L2-3.5.11: Obscure feedback of authentication information | Episode 111
Understanding CMMC 2.0 Controls: IA.L2-3.5.10: Store and transmit only cryptographically-protected passwords | Episode 110
Understanding CMMC 2.0 Controls: IA.L2-3.5.9: Allow temporary password use for system logons with an immediate change to a permanent password | Episode 109
Managing Websites & Publicly Accessible Information for Compliance Success | Episode 108
Understanding CMMC 2.0 Controls: IA.L2-3.5.8: Prohibit password reuse for a specified number of generations | Episode 107
Why You May Need a Clean Desk Policy to Adequately Protect CUI | Episode 106
Understanding CMMC 2.0 Controls: IA.L2-3.5.7: Enforce a minimum password complexity and change of characters when new passwords are created | Episode 105
Cyber Incident Reporting Requirements Explained | Episode 104
Understanding CMMC 2.0 Controls: IA.L2-3.5.6: Disable identifiers after a defined period of inactivity
Understanding CMMC 2.0 Controls: IA.L2-3.5.5: Prevent reuse of identifiers for a defined period
Why You Need a Policy & Procedures for Posting Information to Public Systems | Episode 101
Compliance Horror Stories: The Untold Tales | Episode 100
Increasing Your Prices to Cover the Cost of Being More Secure | Episode 99
Understanding CMMC 2.0 Controls IA.L2-3.5.4 - Employ replay-resistant authentication mechanisms for network access to privileged and non-privileged accounts | Episode 98
Avoid Compliance Headaches by Leveraging Azure Government Cloud Virtual Desktops | Episode 97
Understanding CMMC 2.0 Controls IA.L2-3.5.3 - Use multifactor authentication for local and network access to privileged accounts and for network access to non-privileged accounts | Episode 96
Implementing Tough Security Requirements While Facing Internal Resistance | Episode 95
Understanding CMMC 2.0 Controls IA.L2-3.5.2 - Authenticate (or verify) the identities of users, processes, or devices, as a prerequisite to allowing access to organizational systems | Episode 94
CMMC Level 2 Self Certification in SPRS | Episode 93
Understanding CMMC 2.0 Controls IA.L2-3.5.1 - Identify system users, processes acting on behalf of users, and devices | Episode 92
Convincing the Boss Why CMMC Level 2 Prep Is Worth It | Episode 91
Meeting CMMC Requirements When Developing Custom Code for Defense Contracts | Episode 90
Understanding CMMC 2.0 Controls CM.L2-3.4.9 - Control and monitor user-installed software | Episode 89
Criminal Penalties Abound in CMMC Self-Attestations and What You Should Know | Episode 88
Understanding CMMC 2.0 Controls CM.L2-3.4.8 - Apply deny-by-exception (blacklisting) policy to prevent the use of unauthorized software or deny-all, permit-by-exception (whitelisting) policy to allow the execution of authorized software | Episode 87
Understanding the New Affirming Official Role for SPRS and CMMC Self Attestation | Episode 86
Understanding CMMC 2.0 Controls CM.L2-3.4.7 - Restrict, disable, or prevent the use of nonessential programs, functions, ports, protocols, and services | Episode 85
Understanding CMMC 2.0 Controls CM.L2-3.4.6 - Employ the principle of least functionality by configuring organizational systems to provide only essential capabilities | Episode 84
Understanding CMMC 2.0 Controls CM.L2-3.4.5 - Define, document, approve, and enforce physical and logical access restrictions associated with changes to organizational systems | Episode 83
Why a Mock Assessment is Important for CMMC Certification | Episode 82
Understanding CMMC 2.0 Controls CM.L2-3.4.4 - Analyze the security impact of changes | Episode 81
Why Role Based Access Control Is Your Gateway To Compliance | Episode 80
Understanding CMMC 2.0 Controls CM.L2-3.4.3 - Track, review, approve or disapprove, and log changes to organizational systems | Episode 79Track, review, approve or disapprove, and log changes to organizational systems | Episode 79
Understanding CMMC 2.0 Controls CM.L2-3.4.2 - Establish and enforce security configuration settings for information technology products employed in organizational systems | Episode 78
Understanding CMMC 2.0 Controls CM.L2-3.4.1 - Establish and maintain baseline configurations and inventories of organizational systems (including hardware, software, firmware, and documentation) throughout the respective system | Episode 77
Separation of Duties and CMMC Compliance for Sole Proprietor Businesses | Episode 76
Understanding CMMC 2.0 Controls AU L2-3.3.9: Limit management of audit logging functionality to a subset of privileged users | Episode 75
New CMMC Law Just Dropped: What Does It Mean? | Episode 74
Understanding CMMC 2.0 Controls AU L2-3.3.8: Protect audit information and audit logging tools from unauthorized access, modification, and deletion | Episode 73
Understanding CMMC 2.0 Controls AU L2-3.3.7: Provide a system capability that compares and synchronizes internal system clocks with an authoritative source to generate time stamps for audit records | Episode 72
Understanding CMMC 2.0 Controls AU L2-3.3.6: Provide audit record reduction and report generation to support on-demand analysis and reporting | Episode 71
CMMC is Coming: How Are Smaller Defense Contractors Going To Afford It? | Episode 70
Understanding CMMC 2.0 Controls AU L2-3.3.5: Correlate audit record review, analysis, and reporting processes for investigation and response to indications of unlawful, unauthorized, suspicious, or unusual activity | Episode 69
Should You Move Your Computers And Servers To Azure Government? | Episode 68
Understanding CMMC 2.0 Controls AU L2-3.3.4: Alert in the event of an audit logging process failure. | Episode 67
Understanding CMMC 2.0 Controls AU L2-3.3.3: Review and update logged events | Episode 66
CMMC Maturity Levels: Advancing Cybersecurity in the Defense Supply Chain | Episode 65
Understanding CMMC 2.0 Controls AU L2-3.3.2: Ensure that the actions of individual system users can be uniquely traced to those users so they can be held accountable for their actions | Episode 64
Understanding CMMC 2.0 Controls AU L2-3.3.1: Create and retain system audit logs and records to the extent needed to enable the monitoring, analysis, investigation, and reporting of unlawful or unauthorized system activity | Episode 63
Cybersecurity Safeguarding Requirements: Understanding the Basics | Episode 62
Addressing Common Challenges in Achieving DFARS and NIST SP 800 171 Compliance | Episode 61
Understanding CMMC 2.0 Controls AT L2-3.2.3: Provide security awareness training on recognizing and reporting potential indicators of insider threat | Episode 60
Understanding CMMC 2.0 Controls AT L2-3.2.2: Ensure that organizational personnel are adequately trained to carry out their assigned information security-related duties and responsibilities | Episode 59
DFARS Cyber Incident Reporting: Procedures and Best Practices | Episode 58
Understanding CMMC 2.0 Controls AT L2-3.2.1: Ensure that managers, systems administrators, and users of organizational systems are made aware of the security risks associated with their activities and of the applicable policies | Episode 57
Understanding CMMC 2.0 Controls AC L2-3.1.22: Control CUI posted or processed on | Episode 56
The Role of Continuous Monitoring in DFARS & CMMC Compliance | Episode 55
Uncovering NIST SP 800-171 Revision 3 | Episode 54
Understanding CMMC 2.0 Controls AC L2-3.1.21: Limit use of organizational portable storage devices on external systems | Episode 53
Preparing for Compliance Audits: Tips and Best Practices | Episode 52
Understanding CMMC 2.0 Controls AC L2-3.1.20: Verify and control/limit connections to and use of external systems | Episode 51
Understanding CMMC 2.0 Controls AC L2-3.1.19: Encrypt CUI on mobile devices | Episode 50
Exploring the Role of Encryption in NIST SP 800-171 Compliance | Episode 49
The Impact of DFARS & NIST SP 800 171 on Small Businesses in the Defense Industry | Episode 48
Understanding CMMC 2.0 Controls AC L2-3.1.18: Control connection of mobile devices | Episode 47
Celebrating 2000 YouTube Subscribers | Episode 46
Understanding CMMC 2.0 Controls AC L2-3.1.17: Protect wireless access using authentication and encryption | Episode 45
Understanding CMMC 2.0 Controls AC L2-3.1.16: Authorize wireless access prior to allowing such connections | Episode 44
Understanding CMMC 2.0 Controls AC L2-3.1.15: Authorize remote execution of privileged commands and remote access to security-relevant information | Episode 43
Understanding CMMC 2.0 Controls AC L2-3.1.14: Route remote access via managed access | Episode 42
Understanding CMMC 2.0 Controls AC L2-3.1.13: Employ cryptographic mechanisms to protect the confidentiality of remote access sessions | Episode 41
Microsoft Intune & Conditional Access | Episode 40
Understanding CMMC 2.0 Controls AC L2-3.1.12: 3.1.12. Monitor and control remote access | Episode 39
Understanding CMMC 2.0 Controls AC L2-3.1.11: Terminate (automatically) a user session after a defined condition | Episode 38
Celebrating 1.1 Million Views On YouTube! | Episode 37
Understanding CMMC 2 0 Controls AC L2-3.1.10: Use session lock with pattern-hiding | Episode 36
Understanding CMMC 2 0 Controls AC L2-3.1.9: Provide privacy and security notices | Episode 35
Establishing Physical Security Within NIST SP 800-171 Compliance | Episode 34
Understanding CMMC 2 0 Controls AC L2-3.1.8: Limit unsuccessful logon attempts | Episode 33
Understanding CMMC 2 0 Controls AC L2-3.1.7: Prevent non-privileged users from executing privileged functions | Episode 32
The SPRS Score: What Is It And Why Is It Important? | Episode 31
Understanding CMMC 2.0 Controls: AC.L2-3.1.6: Use non-privileged accounts | Episode 30
Understanding CMMC 2.0 Controls: AC.L2-3.1.5: Employ the principle of least privilege | Episode 29
Understanding CMMC 2.0 Controls: AC.L2-3.1.4: Separate the duties of individuals to reduce the risk of malevolent activity without collusion | Episode 28
Revolutionizing the Supply Chain: Digital Transformation in Defense Manufacturing | Episode 27
Understanding CMMC 2.0 Controls: AC.L2-3.1.3: Control the flow of CUI in accordance with approved authorizations | Episode 26
Satellites and Space The New Frontier for Defense Innovations | Episode 25
Understanding CMMC 2.0 Controls AC.L1-3.1.2 - Limit system access to types of functions | Episode 24
Harmonizing Compliance and IT Strategy Unraveling the DFARS NIST and CMMC Connection | Episode 23
Understanding CMMC 2 0 Controls: AC.L1-3.1.1: Limit system access to authorized users | Episode 22
Quality Assurance and Compliance Challenges in Defense Manufacturing | Episode 21
From Prototype to Production: Best Practices for Scaling Defense Manufacturing | Episode 20
Navigating the Regulatory Landscape: Staying Abreast of Changing Laws and Guidelines | Episode 19
The Evolving Role of Compliance Officers in Cyber and Information Security | Episode 18
Compliance Best Practices in the Era of Remote Work | Episode 17
Maintaining a Skilled Workforce: Talent Acquisition and Retention Strategies for Defense Contractors | Episode 16
The Factory of the Future: Advanced Manufacturing Trends in Defense Contracting | Episode 15
Crisis Management in Defense Contracting | Episode 14
Scaling Up In The Defense Industry | Episode 13
Uncovering the Misconceptions in Compliance | Episode 12
The Ethics of AI in Defense: Balancing Progress and Responsibility | Episode 11
Adapting to Changing Priorities: Seizing Opportunities in Shifting Defense Budgets | Episode 10
The Road to Resilience Supply Chain Security in Defense Contracting | Episode 9
Building a Culture of Compliance: Employee Awareness and Training Techniques | Episode 8
Long-Term Viability: Fostering Innovation and Agility in Defense Contracting | Episode 7
The Competitive Edge - Strategies for Winning Defense Contracts | Episode 6
Getting To Know The Compliance Guy | Episode 5
Small Business, Big Opportunities - Navigating the Defense Contracting Landscape for SMEs | Episode 4
Staying Ahead of Cyber Threats: Ensuring Security in Defense Manufacturing | Episode 3
Defense Ethics and Corporate Social Responsibility | Episode 2
Unseen Power: Subcontracting Uncovered | Episode 1