Getting CMMC Right: Scope, Budget, and Certification Tips

https://is1-ssl.mzstatic.com/image/thumb/Podcasts211/v4/1e/3a/ce/1e3ace49-6dd7-5dcb-1ca1-7363c048c60c/mza_3733535226389102627.png/600x600bb.jpg

The Tea on Cybersecurity

Trava Security

52 episodes

4 days ago

Cybersecurity—a word we hear all the time, but do you really know what it means?

The Tea on Cybersecurity breaks it down without the confusing jargon. We spill the truth about security and compliance in a way that is easy to understand and actually useful.

Perfect for SaaS startups and small to medium sized businesses starting their journey in cybersecurity and compliance. We've learned to keep it short -15-30 minutes per episode - so you get the facts and none of the fluff.

All content for The Tea on Cybersecurity is the property of Trava Security and is served directly from their servers with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.

Cybersecurity—a word we hear all the time, but do you really know what it means?

The Tea on Cybersecurity breaks it down without the confusing jargon. We spill the truth about security and compliance in a way that is easy to understand and actually useful.

Getting CMMC Right: Scope, Budget, and Certification Tips

The Tea on Cybersecurity

26 minutes

5 months ago

Getting CMMC Right: Scope, Budget, and Certification Tips

Think compliance is just an IT problem? It’s a revenue problem, too. Without it, some contracts will stay out of reach.

In this episode, Jara Rowe talks with Tom Greco, vCISO at Trava Security, about what companies need to know about the Cybersecurity Maturity Model Certification (CMMC). It’s a Department of Defense requirement that verifies whether companies are securely handling Controlled Unclassified Information (CUI). Tom Greco explains what CMMC involves, how scoping affects your readiness, and how to maintain compliance over time. In short, if you want to win or keep federal contracts, CMMC compliance isn’t optional.

Key takeaways:

What CMMC is and why it exists
The importance of accurate scoping
Tools and tips to maintain CMMC compliance

Episode highlights:

(00:00) Today’s topic: What is CMMC?

(02:20) What CMMC means for your business

(06:05) The nuances of scoping

(10:07) How contracts set your CMMC level

(13:44) Self-assessment vs third-party audits

(17:36) Maintaining CMMC compliance over time

(22:17) Perform gap assessments ASAP

Connect with the host:

Jara Rowe’s LinkedIn - @jararowe

Connect with the guest:

Thomas Greco’s LinkedIn - @thomas-greco

Connect with Trava:

Website - www.travasecurity.com

Blog - www.travasecurity.com/learn-with-trava/blog

LinkedIn - @travasecurity

YouTube - @travasecurity