Content provided by CMMC Compliance Guide. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by CMMC Compliance Guide or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://staging.podcastplayer.com/legal.

Submit any questions you would like answered on the podcast!

In this episode of the CMMC Compliance Guide Podcast, Stacey and Austin from Justice IT Consulting walk through the top 12 essentials every contractor needs to achieve CMMC Level 2 compliance, especially small and mid-sized defense manufacturers.
You’ll learn how to start compliance the right way with a formal gap assessment, define and shrink your CUI scope, and build a System Security Plan (SSP) that maps to all 110 NIST 800-171 controls. We break down how to write an actionable Plan of Action & Milestones (POA&M), implement MFA correctly, enforce least-privilege access control, and deploy proper device protection across your environment.
We also cover commonly misunderstood requirements around FIPS-validated encryption, centralized logging/SIEM, removable media, CNC/OT assets, data handling, and ongoing vulnerability + risk assessments.
Finally, we answer a listener question on secure data transfer and why customer portals or GCC/GCC High environments are often superior to “secure links” inside commercial Microsoft 365 tenants.
