Best CMMC Compliance Guide Podcasts (2025)

1
Decoding NIST 800-171: Your Plain English Path to CMMC Level 2 Compliance 59:20

20h ago59:20

59:20

Submit any questions you would like answered on the podcast! Feeling overwhelmed by CMMC compliance and NIST 800-171’s 110 controls? You’re not alone — but you don’t have to be stuck. In this episode of the CMMC Compliance Guide Podcast, Brooke and Austin break down NIST 800-171 Revision 2 in plain English — no government-speak, no tech jargon — so…

1
Step-by-Step Guide: SAM.gov Registration, SBA DSBS Profile, and Capability Statement Creation 15:08

2d ago15:08

15:08

General Overview CyberGap.app CyberComply Console CyberComply.app Armada Cyber DefenseBy Armada Cyber Defense LLC

1
The Silent Threat To Your Bottom Line 5:34

2d ago5:34

5:34

🎙️ Episode Title: The Silent Threat to Your Bottom Line Podcast: Bite Size Security with Mike Fitzpatrick Episode Summary: In this episode, Mike Fitzpatrick, CEO of NCX Group, pulls back the curtain on one of the most underestimated risks to your business: the assumption that cybersecurity is “just an IT problem.” Mike shares real-world insights fr…

1
Armada Cyber Defense Channel Partner Overview 5:58

3d ago5:58

5:58

Channel Partner Overview CyberGap.app CyberComply Console CyberComply.app Armada Cyber DefenseBy Armada Cyber Defense LLC

1
FedRAMP Cloud Authorization Boundary Guidance 18:46

4d ago18:46

18:46

Detailed Overview CyberGap.app CyberComply Console CyberComply.app Armada Cyber DefenseBy Armada Cyber Defense LLC

1
CMMC Level 1 Assessment Guide 21:54

5d ago21:54

21:54

In this episode, we break down the essentials of conducting a CMMC Level 1 assessment. You'll learn what Level 1 compliance means, why it matters for federal contractors, and how organizations can prepare for success. We cover key topics including scoping, documentation, evidence collection, and common pitfalls to avoid all presented in a clear, pr…

1
Compliance vs. Security – Why “Checking the Boxes” Won’t Save Your Business 5:57

19d ago5:57

5:57

In this episode of Bite Size Security, Mike Fitzpatrick—CEO of NCX Group and 25-year cyber risk veteran—dives into one of the most common and costly misconceptions in business today: the belief that compliance equals security. We explore: Why simply passing audits or meeting regulatory checklists leaves your business vulnerable Real-world stories o…

1
Welcome Back To Bite Size Security 3:22

19d ago3:22

3:22

Welcome Back to Bite Size Security I hope you are all Healthy and well as we End 2020. It’s been a Difficult year for everyone. Especially for Small businesses everywhere in this changing world of growing risks, and now forced into a remote workforce and having to adjust on the fly. In this episode I layout the plan and focus for this podcast going…

1
How to Improve Your SPRS Score Before It Costs You Contracts 9:12

22d ago9:12

9:12

Submit any questions you would like answered on the podcast! Is your SPRS score putting your DoD contracts at risk? In this episode of the CMMC Compliance Guide, we break down exactly what the SPRS score is, why it matters, and how to improve it fast—before you lose out on federal work. Whether you're stuck at -72 or hovering at 80, we’ll walk you …

1
The E.A.S.Y Framework That Makes CMMC Actually Doable 13:15

29d ago13:15

13:15

Submit any questions you would like answered on the podcast! If someone tells you CMMC compliance can't be easy… they’re not necessarily wrong — but they’re also missing the point. In this episode of the CMMC Compliance Guide Podcast, Austin and Brooke from Justice IT Consulting break down one of the biggest myths in the compliance space: that achi…

1
CMMC Compliance Consulting vs. DIY Compliance: Which Is the Smarter, More Cost-Effective Choice? 33:17

1M ago33:17

33:17

Submit any questions you would like answered on the podcast! In this episode of The CMMC Compliance Guide Podcast, Brooke and Austin dive into a key question many DoD contractors face: Should you handle CMMC compliance yourself or hire a consultant? We break down the risks, costs, and benefits to help you make the best decision for your business. D…

1
Your IT Provider: The Keystone to Passing CMMC – or the Hidden Risk That Could Cost You Everything 8:34

1M ago8:34

8:34

Submit any questions you would like answered on the podcast! In this episode of The CMMC Compliance Guide Podcast, Brooke and Stacey reveal a critical factor that could make or break your compliance journey: your IT provider. ✅ Discover why your IT provider plays a crucial role in your CMMC assessment. ✅ Learn the risks of working with an unqualifi…

1
How the DoD’s Cybersecurity Crackdown Could Impact Your Aerospace Contracts 50:17

2M ago50:17

50:17

Submit any questions you would like answered on the podcast! The DoD is tightening its cybersecurity regulations, and your aerospace contracts could be on the line. In this episode of The CMMC Compliance Guide Podcast, we break down the latest changes to CMMC, DFARS, and FAR that could directly impact your business. Join Austin and Brooke from Just…

1
CyberAB January Town Hall Updates: Key CMMC & FAR CUI Rule Insights for DoD Contractors 15:19

2M ago15:19

15:19

Submit any questions you would like answered on the podcast! In this episode of The CMMC Compliance Guide Podcast, we break down the most important updates from the CyberAB January Town Hall. From the latest developments in CMMC implementation to the newly proposed FAR CUI rule, we discuss what these changes mean for DoD contractors and beyond. Key…

1
CMMC Compliance: How to Win DoD Contracts & Avoid Costly Mistakes 26:02

3M ago26:02

26:02

Submit any questions you would like answered on the podcast! In this week’s episode, Brooke Justice and guest cohost Stacey break down one of the most crucial topics for DoD contractors: how CMMC compliance directly impacts your ability to win and keep defense contracts. From understanding compliance levels to avoiding costly mistakes, we’ll walk y…

1
FedRAMP Authorization vs. Equivalency: What Your Business Needs to Know 14:03

3M ago14:03

14:03

Submit any questions you would like answered on the podcast! In this episode of The CMMC Compliance Guide Podcast, Brooke and Stacey from Justice IT Consulting dive deep into the critical distinctions between FedRAMP Authorization and FedRAMP Equivalency. Whether you're leveraging cloud services for compliance or planning your next steps in CMMC ce…

1
2024 Compliance Wrapped: Insights from CEIC East 27:25

4M ago27:25

27:25

Submit any questions you would like answered on the podcast! In this episode of The CMMC Compliance Guide Podcast, Brooke Justice is joined by guest cohost Stacey Flores, stepping in for Austin Justice, to bring you the key takeaways from the recent CEIC East conference. If you missed the event, don’t worry—Brooke and Stacey are here to fill you in…

1
Cybersecurity Starts at the Door 5:08

5M ago5:08

5:08

When it comes to protecting your business, cybersecurity isn’t just about firewalls and fancy tech—it starts at your front door. In this episode of Bite Size Security, Mike Fitzpatrick pulls back the curtain on the often-overlooked role of physical security in keeping your digital assets safe. From the jaw-dropping story of a data center “protected…

1
October 2024 CyberAB Town Hall Recap: CMMC 2.0 Updates You Can't Miss! 15:14

5M ago15:14

15:14

Submit any questions you would like answered on the podcast! In this episode, Brooke and Austin Justice dive into the latest CyberAB townhall update, sharing key insights for defense contractors. Stay informed on the latest CMMC developments, compliance changes, and how they could impact your business. Whether you're navigating CMMC 2.0 or simply t…

1
How It All Began: The CMMC Compliance Guide Podcast Origin Story 18:43

5M ago18:43

18:43

Submit any questions you would like answered on the podcast! In this special episode, we take you behind the scenes to explore the origin story of the CMMC Compliance Guide Podcast. Join hosts, Austin and Brooke Justice as they share how the podcast began, its mission to help defense contractors navigate the complexities of CMMC compliance, and wha…

1
A Conversation with an Assessor ft. Chris Silvers 1:08:45

5M ago1:08:45

1:08:45

Submit any questions you would like answered on the podcast! In this special episode of the CMMC Compliance Guide Podcast, hosts Brooke and Austin Justice are joined by Chris Silvers, one of less than 100 individuals officially certified as both a Certified CMMC Provisional Assessor and Instructor. With over 25 years of cybersecurity experience, Ch…

1
November 2024 CyberAB Town Hall Recap: Essential CMMC 2.0 Updates for Defense Contractors 32:00

5M ago32:00

32:00

Submit any questions you would like answered on the podcast! In this episode, Brooke and Austin Justice dive into the latest CyberAB townhall update, sharing key insights for defense contractors. Stay informed on the latest CMMC developments, compliance changes, and how they could impact your business. Whether you're navigating CMMC 2.0 or simply t…

1
A Digital War or an Unreasonable Ask for SMB's? (WARNING: SOAPBOX EPISODE) 49:57

5M ago49:57

49:57

Submit any questions you would like answered on the podcast! In this thought-provoking episode of the CMMC Compliance Guide Podcast, Brooke and Austin Justice tackle a question that’s top of mind for many small and medium-sized businesses in the defense supply chain: Is CMMC a necessary defense in a digital war, or an unreasonable burden on SMBs? K…

1
32 CFR Rule Explained: Key Compliance Guide for DoD Contractors 52:31

5M ago52:31

52:31

Submit any questions you would like answered on the podcast! Are you a DoD contractor navigating the complexities of the 32 CFR Rule? In this video, we break down the key aspects of the 32 CFR Rule, explaining how it impacts defense contractors and the steps you need to take to stay compliant. Whether you're new to the defense industry or need a re…

1
Navigating the 48 CFR Rule: Essential Insights for DoD Contractors on CMMC 2.0 Compliance 37:05

5M ago37:05

37:05

Submit any questions you would like answered on the podcast! In this in-depth discussion, Austin and Brooke Justice from Justice IT Consulting break down the critical updates and challenges associated with the new 48 CFR proposed rule for CMMC 2.0 compliance. Learn about the key differences from previous regulations, the most significant hurdles Do…

1
Practical Steps for CEOs to Lead the Charge in Cybersecurity 5:45

5M ago5:45

5:45

EP 12: Practical Steps for CEOs to Lead the Charge in Cybersecurity In this episode of Bite Size Security, Mike Fitzpatrick, Founder and CEO of NCX Group, dives into the key steps CEOs need to take to turn cybersecurity from a headache into a competitive advantage. From asking the right questions to understanding the ROI of a strong cyber posture (…

1
Aligning Business, Cyber, and Financial Risks: A CEO’s Guide for 2025 5:48

6M ago5:48

5:48

Episode Title: Aligning Business, Cyber, and Financial Risks: A CEO’s Guide for 2025 Host: Mike Fitzpatrick, CEO of NCX Group Episode Snapshot: CEOs, it’s time to stop treating cybersecurity as just an IT issue. In this episode, I’m breaking down why aligning your cyber strategy with business and financial goals is the game changer you didn’t know …

1
How to achieve the Defense Department’s CMMC compliance with Frank Smith 32:59

3+ y ago32:59

32:59

Did you know that the Department of Defense (DOD) is mandating that suppliers have Cybersecurity Maturity Model Certification (CMMC) to a prescribed level? In this episode, Frank Smith, Manager of Security and Consulting Practice at Ntiva, shares all you need to know about CMMC. Discover what CMMC is, why you should care, the requirements needed fo…

1
What Really Happened with the Colonial Pipeline Cyberattack, and Why We Should Be Concerned 41:27

4y ago41:27

41:27

In this Episode of Bite Size Security we're going to break down the cyberattack that shut down a major pipeline in America, and how it could have been prevented. Hi, my name is Mike Fitzpatrick and today we're going to examine what really happened with the Colonial Pipeline Cyberattack, which has caused a lot of panic around here lately. It's not h…

1
Developing a Security Test Methodology with Mike Spanbauer 34:42

4y ago34:42

34:42

I today’s episode, I’m going to be sharing a session that Mike Spanbauer, Security Evangelist for Juniper, gave at the last Secure Guild online conference on Developing a Security Test Methodology. Discover the four pieces that make up his approach and some essential tips in implementing your own. Listen up!…

1
Prioritize Your Open Source Findings with James Rabon 22:10

4y ago22:10

22:10

Does your team struggle with prioritizing your security open-source findings? In this episode, James Rabon, Director of Product Management at Micro Focus, will share an approach that can help. Discover how James’ team co-developed “susceptibility analysis,” which allows developers and application security engineers determine whether a publicly-disc…

1
CyberOps with Joe Abraham 30:32

4y ago30:32

30:32

Cybersecurity concepts are fundamental pieces of knowledge necessary for a career in security testing. In this episode, Joe Abraham, author of numerous Pluralsight courses, will share some insights into many security aspects. Listen in to learn about security onion, threat intelligence, cyber threat hunting tips and more.…

1
TrustedSec Sysmon Community Guide with Carlos Perez 29:38

4+ y ago29:38

29:38

Are you struggling to find information on how to use Sysmon for your security efforts? In this episode, Carlos Perez, a Research Team lead at TrustedSec, shares all about the TrustedSec Sysmon Community Guide. Discover why Carlos created this guide and how it helps empower defenders with the information they need to leverage this great tool. Also, …

1
Cybersecurity Tools and Frameworks with Aaron Rosenmund 31:34

4+ y ago31:34

31:34

Aaron Rosenmund, a cybersecurity researcher at Pluralsight, shares a wealth of knowledge around security testing in this episode. Discover blue team tools to protect, detect, and respond against targeted threat actor techniques in an enterprise environment. Listen in to also learn security frameworks to help you with your threat hunting efforts…

1
Information Gathering in Penetration Testing with Malek Mohammad 21:35

4+ y ago21:35

21:35

How can you prevent attacks if you don't know your enemy? In this episode, Malek Mohammad, author of the Pluralsight course: Web Application Penetration Testing: Information Gathering, discusses how to know how your enemies target you. Discover fingerprinting web applications, enumerating applications, understanding their entry points, and tooling …

1
Happy Security Testing New Year 2021! 1:40

4+ y ago1:40

1:40

Happy New Year! We will be away for a few weeks but will be back with more security testing awesomeness in 2021. Also, don't forget to register for AutomationGuild.

1
Growing Remote Workforce Security Risks - Interview With Dr. Larry Ponemon 31:30

4+ y ago31:30

31:30

In this episode Dr. Larry Ponemon discusses the the Ponemon Institute's latest findings in the growing Cybersecurity and Data Privacy treats associated with COVID-19. COVID-19 has dramatically changed the workplace and has created new cybersecurity risks and exacerbated existing risks. The purpose of this research, sponsored by Keeper Security, is …

1
AWS Penetration Testing with Jon Helmus 28:52

4+ y ago28:52

28:52

Need to secure your AWS environments? In this episode, Jonathan Helmus, author of the new book AWS Penetration Testing, will share some tips on AWS penetration testing and security best practices. Discover some of the commonly exploited vulnerabilities in AWS and how to prevent them. Listen in to learn more about cloud penetration testing tips, and…

1
Discover Network Vulnerabilities using Infection Monkey with Maril Vernon 30:44

4+ y ago30:44

30:44

Are you using Infection Monkey? In this episode, Pluralsight author and security expert Maril Vernon will share some insights from her Infection Monkey course. Discover uses of Infection Monkey to test for later movement and network segments against known MITRE tactics. Listen up to learn how this amazing tool can identify your company’s vulnerable…

1
OWASP Broken Authentication Breakdown with Prasad Salvi 23:23

4+ y ago23:23

23:23

Prepare to learn all about the OWASP Top 10 Web Application Security Risks—Broken Authentication. This is the second monthly episode in which security expert Prasad Salvi will join us to break down each OWASP risk one by one. Today we’ll discuss the second security risk listed—broken authentication. Discover what a broken authentication risk is, th…

1
API Security Testing In DevOps with Oli Moradov 46:05

4+ y ago46:05

46:05

How do you integrate API security testing into the development process? In this episode, Oli Moradov, VP of Dev and Strategic Alliances at NeuraLegio, shares ways that you can achieve API security testing automation directly into your DevOps or CI/CD pipelines. Discover how you can test every build without causing development drag. Listen up!…

1
Covid-19 Security and OWASP with Adiran Thirmal 34:03

4+ y ago34:03

34:03

Has COVID-19 impacted your security testing efforts? In this episode, security expert Adhiran Thirmal shares his thoughts on security testing, Covid-19, OWASP, and more. Listen up and find out more about changes to OWASP for 2020 and beyond and how you can help.

1
SQL Injection OWASP Top 10 with Prasad Salvi 25:23

4+ y ago25:23

25:23

Are you familiar with the OWASP Top 10 Web Application Security Risks? This is the first monthly episode where security expert Prasad Salvi joins us to break down each risk one by one. Today we talk all about the first security risk listed -- injection flaws. Discover what an injection flaw is, different ways this attack can occur, and how to preve…

1
P2P Security with Paul Marrapese 23:55

4+ y ago23:55

23:55

Peer-to-peer (P2P) communications technology built into millions of security cameras and other consumer electronics. In this episode, Paul Marrapese, a security researcher, shares his story of how supply chain vulnerabilities in modern IP cameras, baby monitors, and even alarm systems are putting millions at risk for eavesdropping and remote compro…

1
Avoid Being Runtime Blind using DeepFactor with Kiran Kamity & Mike Larkin 36:03

4+ y ago36:03

36:03

I believe most teams have a massive gap in their pre-production stage of development. In this episode, Kiran Kamity, Founder and CEO of DeepFactor, and Mike Larkin, Founder and CTO of DeepFactor, will share why Pre-production Observability is critical to ensuring your applications are secure, compliant, and performant. Discover how to inject the vi…

1
The Power of a Threat Aware Network with Mike Spanbauer 31:37

4+ y ago31:37

31:37

Security is a difficult discipline to master. It requires experts to continuously challenge themselves and learn new tools and technologies to protect their organizations. In this episode, Mike Spanbauer, Technology Evangelist at Juniper, will discuss some ways to build a threat-aware network. Discover a new way to think about your approach to secu…

1
Client Side Penetration Testing with Prasad Salvi 27:54

4+ y ago27:54

27:54

Don’t let hackers execute different client-side attacks on your website. In this episode, Prasad Salvi will cover some of the most important concepts in his Pluralsight Web Application Penetration Testing: Client-side Testing course. Discover how to be proficient in performing client-side attacks like Cross-Site Scripting, HTML Injection, Client-si…

1
Cyber Security Job Hunting with Owanate Bestman 30:52

4+ y ago30:52

30:52

How has the Covid-19 pandemic affected the employment prospects of cybersecurity professionals? In this episode, Owanate Bestman, the founder of Bestman Solutions, will share his take on what you need to know to stay employable in troubled times. Discover areas of growth in security, what employers are looking for, and what skills you’ll need in 20…

1
Automated Security Compliance with Eric Martin 24:59

4+ y ago24:59

24:59

Do you have to comply with the complex, time-consuming, and tedious process of preparing for a security audit? In this episode, Eric Martin from Vanta, a cybersecurity startup, will discuss automated security and compliance. Discover why security compliance is essential, and how automation can help you with SOC 2 audits and HIPPA compliance require…

1
Securing the Future of RPA with Alan Radford 32:44

4+ y ago32:44

32:44

Identity needs to be at the core of a security strategy. In this episode, Alan Radford, CTO of One Identity, will share how to achieve security by ensuring the right people get proper access to the right resources at the right time. Discover how using RPA can help with your identity and access management efforts. Listen now!…

Podcasts Worth a Listen

CMMC Compliance Guide Podcasts

Podcasts Worth a Listen

Quick Reference Guide