))
John Christly: Demystifying CMMC to Protect the DIB
Manage episode 435171858 series 3403120
Content provided by Tim Freestone and Patrick Spencer, Tim Freestone, and Patrick Spencer. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Tim Freestone and Patrick Spencer, Tim Freestone, and Patrick Spencer or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.
John Christly, VP of Services for Blue Team Alpha, and author of two cybersecurity books, brings his wealth of experience to this episode of Kitecast. With a background spanning roles such as CEO, CIO, CISO, and CTO, as well as military service, Christly offers unique insights into the world of cybersecurity compliance for Department of Defense (DoD) contractors.
In this enlightening discussion, Christly demystifies the Cybersecurity Maturity Model Certification (CMMC) process. He explains how many organizations are surprised to find they’re further along in compliance than they initially thought, thanks to existing frameworks like DFARS and NIST 800-171. However, he cautions that self-attestation is no longer sufficient, emphasizing the need for third-party verification in the new CMMC landscape.
Christly also delves into the critical role of FedRAMP certification in doing business with the government. He highlights the importance of data sovereignty and security in protecting American interests. The conversation explores the challenges of achieving “FedRAMP-like” status and the expertise required to truly build secure systems to DoD specifications.
The podcast doesn’t shy away from emerging threats, with Christly offering valuable insights on managing AI-related risks in the workplace. He stresses the importance of clear policies, employee education, and ongoing monitoring to harness the benefits of AI while protecting sensitive data. Christly’s practical advice on consolidating security tools and gaining visibility into cloud application usage provides actionable strategies for improving organizational cybersecurity posture.
Whether you’re a DoD contractor or simply interested in elevating your cybersecurity practices, this episode of Kitecast is a must-listen. Tune in now and take the first step towards robust, compliant cybersecurity for your organization.
https://www.linkedin.com/in/johnchristly/
Blue Team Alpha
Book: NIST 800-171 Controls Made Simple: A Step by Step Guide
https://www.udemy.com/course/nist-800-171-controls-made-simple
Book: The Basics of Cybersecurity
https://www.amazon.com/dp/B0CZY65DQC
Check out video versions of Kitecast episodes at https://www.kiteworks.com/kitecast or on YouTube at https://www.youtube.com/c/KiteworksCGCP.
34 episodes
Share
