Submit any questions you would like answered on the podcast!

Thinking about building an enclave for CMMC compliance? Not so fast.

In this episode of the CMMC Compliance Guide Podcast, Austin and Brooke from Justice IT Consulting break down:

• What an enclave actually is (in plain English)
• When an enclave makes sense (and saves you money)
• When it can hurt your compliance efforts
• What assessors will really be looking for in your audit

If you’ve ever asked, “Do I need an enclave for CMMC?”, this episode is your roadmap to making the right call for your business.

Submit any questions you would like answered on the podcast!

Think you’re ready for your CMMC assessment?

In this episode of the CMMC Compliance Guide Podcast, Austin and Brooke break down the difference between being “paper ready” and truly “assessment ready.” From documentation gaps to overlooked technical controls, they share insider tips to help you pass with confidence.

We’ll walk you through the common blind spots that can derail an assessment, how to stress test your compliance program, and what assessors really look for when they walk in the door.

Submit any questions you would like answered on the podcast!

Marking a CMMC control as “Not Applicable” might feel like an easy shortcut but get it wrong, and you could fail your assessment, lose contracts, or even face legal trouble.

In this episode of The CMMC Compliance Guide, Brooke and Stacey from Justice IT Consulting break down the real risks of misusing N/A, share common mistakes companies make, and explain how to properly justify a not applicable control so you stay compliant and avoid False Claims Act issues.

We cover everything from Wi-Fi misconceptions to remote access oversights, mobile device scoping, assessor validation methods, and the legal risks nobody talks about. Whether you’re a one-person shop or managing a complex network, these insights could save you from major headaches come assessment day.

CyberAB Marketplace

Submit any questions you would like answered on the podcast!

Schedule your free SPRS Roadmap Session and get a step-by-step plan to close gaps and stay defensible:
👉 https://cmmccomplianceguide.com/free-sprs-roadmap

Is CMMC just one of many hats you wear at your company? You’re not alone and you’re not out of luck.

In this episode of the CMMC Compliance Guide, we break down how overworked and under-resourced compliance leads can still make meaningful progress toward CMMC and NIST 800-171. Whether you're a part-time compliance officer, the IT guy, or the quality manager who just got handed CMMC, we’ll walk you through a phased, practical approach you can tackle in just a few hours a week.

From identifying CUI and building your data flow diagrams to implementing MFA, FIPS, and policy templates the right way—this is your guide to making CMMC doable without the burnout.

Submit any questions you would like answered on the podcast!

48 CFR UPDATE: https://www.ecfr.gov/current/title-48/chapter-2/subchapter-A/part-204/subpart-204.75

Missed the June 2024 Cyber AB Town Hall? We’ve got you covered.

In this episode of the CMMC Compliance Guide, Brooke and Austin break down the biggest takeaways — including how recent leadership changes, service provider requirements, and G-code classification are shaping the path to CMMC compliance.

If you're a DoD contractor or MSP supporting government clients, this is the update you can't afford to miss.

INSIDE THE EPISODE:
- What the new Undersecretary means for CMMC rulemaking
- ESP vs. CSP vs. MSP — and why the difference matters
- Why your IT provider will be assessed with your environment
- How your CAGE code could delay certification
- What assessors say about G-code and CUI
- Upcoming CMMC events you should have on your calendar

UPCOMING CMMC EVENTS MENTIONED:
- Carahsoft CMMC Webinar Series: https://www.carahsoft.com/learn/event/71021-proofpoint-and-microsoft-cmmc-webinar

- National Cyber Summit: https://www.nationalcybersummit.com/

- CS5 East 2025: https://cyberab.org/News-Events/CS5-Conference

Submit any questions you would like answered on the podcast!

Are you trying to navigate CMMC and NIST 800-171 with a small team and limited resources?

You're not alone. In this episode of the CMMC Compliance Guide, we’re breaking down six of the most common and confusing questions small DoD contractors ask—and giving you clear, practical answers you can act on immediately.

Join Brooke & Stacey from Justice IT Consulting as they unpack risks of misinterpreting controls, mobile device scope, admin account misuse, CUI data flow diagrams, remote access, and more. Whether you’re prepping for a CMMC Level 2 assessment or just trying to stay ahead, this episode is packed with actionable advice.

Submit any questions you would like answered on the podcast!

Happy 4th of July from the team at CMMC Compliance Guide Podcast! While you're celebrating freedom, hot dogs, and fireworks — don’t forget about safeguarding the data that defends that freedom. 🛡️

In this special edition, we're tackling what really works for CMMC compliance on the shop floor. From coolant-soaked travelers to ancient XP machines, this is your no-nonsense guide to staying compliant in real-world CNC and aerospace manufacturing environments.

Skip the theory. Get the real-world playbook. Because you can't afford to shut down production just to pass an audit.

📞 Need help with CMMC or NIST 800-171?
We fast-track defense manufacturers to compliance — or give you the tools to do it yourself.

👉 Visit https://www.cmmccomplianceguide.com to download free resources or schedule a discovery call.

Submit any questions you would like answered on the podcast!

🆓 Need help getting your SPRS score to 110?
Schedule your free SPRS Roadmap Session and get a step-by-step plan to close gaps and stay defensible:
👉 https://cmmccomplianceguide.com/free-sprs-roadmap

The Department of Defense just issued a critical cybersecurity memo—and it's not just for the Lockheeds and Raytheons. In this episode, we break down what small and mid-sized DoD contractors must do now to respond to rising cyber threats—even amid headlines of ceasefire. From multi-factor authentication and patching systems to cloud security guidance and SPRS score readiness, we walk you through the exact steps your organization needs to take.

Resources Mentioned:
Memo: https://media.licdn.com/dms/document/media/v2/D561FAQFbAPookqu2zw/feedshare-document-pdf-analyzed/B56ZefAj13HoAY-/0/1750719415748?e=1751500800&v=beta&t=O6aY3UDi5ijLTGOa6RP4xAWABMPZh-ZKRkXRikiCywg

https://www.cisa.gov/known-exploited-vulnerabilities-catalog
https://www.cisa.gov/news-events/directives/bod-25-01-implementing-secure-practices-cloud-services
https://www.cisa.gov/cyber-hygiene-services
https://www.nsa.gov/About/Cybersecurity-Collaboration-Center/DIB-Cybersecurity-Services/
https://www.dc3.mil/Missions/DIB-Cybersecurity/DCISE-Resources/

#CMMC #DODCompliance #CyberSecurity #SPRS #DefenseContractor #CyberThreats #NIST800171 #CMMCComplianceGuide