Climbing Mount CMMC

Hosted by Bobby Guerra

Technology Business NewsInterviews guests

Website RSS feed

Episodes

125

Latest episode

Jun 2026

Language

EN-US

About the show

Our podcast is dedicated to supporting MSPs/MSSPs and the companies that engage with them. We aim to maintain transparency throughout our journey, especially as we pursue our level two certification. While only a few MSPs are actively participating, we hope this podcast will inspire more involvement. We have many guests from different branches of the CMMC ecosystem who are professional in their fields. These guests include Brian Hubbard, Joy Beland, Amira Armond and many more!

Listen to episodes

60 recent

June 11, 2026Episode 922 min

A Deep Dive into Rev 3: Incident Response (feat. Adam Evans)

In this Spelunking episode of Climbing Mount CMMC, Kaleigh and Adams dive into the key differences between NIST 800-171 Rev2 and Rev3, focusing on incident response requirements for CMMC compliance. They share insights on preparing for Rev3, emphasizing 03.06's incident handling, reporting, and training strategies.Link to NIST 800-171 Rev 3: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-171r3.pdfWebsite: https://www.axiom.tech/YouTube: https://www.youtube.com/channel/UCaJagoDasNG3MqLqw2Af_ZQAxiom's Linkedln: https://www.linkedin.com/company/axiomtech/Bobby's Linkedln: https://www.linkedin.com/in/bobbyguerra/Kaleigh's Linkedln: https://www.linkedin.com/in/kaleigh-floyd-079a52190/

June 4, 2026Episode 836 min

What Qualifies As a "Significant Change" in CMMC?

In this episode of Climbing Mount CMMC, Bobby and Kaleigh explore the recent updates and implications of "significant changes" in the CMMC assessment process, focusing on how organizations can navigate reassessments, change management, and the role of C3PAOs.Link to 32 CFR Final Rule: Federal Register :: Cybersecurity Maturity Model Certification (CMMC) ProgramLink to FAQ: CYBERSECURITY MATURITY MODEL CERTIFICATION Program (CMMC) FREQUENTLY ASKED QUESTIONSLink to Vince Scott's Article: (29) Temporary Deficiencies, Enduring Exceptions, and Operational Plans of Action: What are they and why do I care? | LinkedInWebsite: https://www.axiom.tech/YouTube: https://www.youtube.com/channel/UCaJagoDasNG3MqLqw2Af_ZQAxiom's Linkedln: https://www.linkedin.com/company/axiomtech/Bobby's Linkedln: https://www.linkedin.com/in/bobbyguerra/Kaleigh's Linkedln: https://www.linkedin.com/in/kaleigh-floyd-079a52190/

May 28, 2026Episode 729 min

What is CMMC Inheritance and How Do I Apply It? (feat. Adam Evans)

In this episode of Climbing Mount CMMC, Kaleigh speaks with Axiom's compliance officer, Adam Evans, to explore the complexities of inheritance in the context of CMMC compliance, cloud service providers, and external service providers. They discuss how inheritance works, common misconceptions, and practical tips for organizations navigating compliance assessments.Link to the CMMC Assessment Process (CAP): https://cyberab.org/Portals/0/CMMC%20Assessment%20Process%20v2.0.pdfWebsite: https://www.axiom.tech/YouTube: https://www.youtube.com/channel/UCaJagoDasNG3MqLqw2Af_ZQAxiom's Linkedln: https://www.linkedin.com/company/axiomtech/Bobby's Linkedln: https://www.linkedin.com/in/bobbyguerra/Kaleigh's Linkedln: https://www.linkedin.com/in/kaleigh-floyd-079a52190/

May 21, 2026Episode 646 min

What is "The Game of Chicken" in CMMC? (feat. Lawrence Cruciana)

In this episode of Climbing Mount CMMC, Kaleigh and Bobby dive into a deep discussion on the complexities and challenges of achieving CMMC Level 2 certification for MSPs and OSCs with Lawrence Cruciana. They share insights on shared responsibility, operational maturity, and "the game of chicken" played between organizations in the cybersecurity compliance landscape.Lawrence's LinkedIn: Lawrence Cruciana | LinkedInCorporate Information Technologies Website: Corporate Information Technologies - CorpInfoTechWebsite: https://www.axiom.tech/YouTube: https://www.youtube.com/channel/UCaJagoDasNG3MqLqw2Af_ZQAxiom's Linkedln: https://www.linkedin.com/company/axiomtech/Bobby's Linkedln: https://www.linkedin.com/in/bobbyguerra/Kaleigh's Linkedln: https://www.linkedin.com/in/kaleigh-floyd-079a52190/

May 14, 2026Episode 526 min

Cyb-Her: Transitioning Your MSP to CMMC Compliance

In this episode of Cyb-Her, Kaleigh shares with Axiom employee, Maleah Adams, her journey from call coordinator to COO, speaking on her experiences in the MSP and cybersecurity space, including her work and transition to the CMMC ecosystem and her perspective as a woman in a male-dominated industry.Website: https://www.axiom.tech/YouTube: https://www.youtube.com/channel/UCaJagoDasNG3MqLqw2Af_ZQAxiom's Linkedln: https://www.linkedin.com/company/axiomtech/Bobby's Linkedln: https://www.linkedin.com/in/bobbyguerra/Kaleigh's Linkedln: https://www.linkedin.com/in/kaleigh-floyd-079a52190/

May 7, 2026Episode 442 min

Working with a C3PAO (feat. Fernando Machado)

In this episode of Climbing Mount CMMC, Fernando Machado (CCA) from CyberSec Investments shares his extensive experience with Kaleigh and Bobby about the CMMC assessment process, the journey to becoming a C3PAO, and practical insights for contractors navigating the certification landscape. They discuss the phases of assessments, scoping mistakes, and how to prepare effectively.Fernando's LinkedIn: https://www.linkedin.com/in/fernando-machado-cissp-cism-cca-ccp-5b5581124/CyberSec Investments Website: https://cybersecinvestments.com/ ND-ISAC C3PAO Shopping Guide: https://ndisac.org/defense-news/nd-isac-releases-c3pao-shopping-guide-for-small-medium-sized-businesses/Website: https://www.axiom.tech/YouTube: https://www.youtube.com/channel/UCaJagoDasNG3MqLqw2Af_ZQAxiom's Linkedln: https://www.linkedin.com/company/axiomtech/Bobby's Linkedln: https://www.linkedin.com/in/bobbyguerra/Kaleigh's Linkedln: https://www.linkedin.com/in/kaleigh-floyd-079a52190/

April 30, 2026Episode 328 min

What Questions Should Your MSP Be Asking You?

In this episode, Kaleigh and, new to Axiom, Ashton Guerra discuss the critical questions organizations seeking CMMC Level 2 certification (OSCs) should ask their MSPs. They share insights on scope, security measures, and the importance of transparency in the certification journey.Website: https://www.axiom.tech/YouTube: https://www.youtube.com/channel/UCaJagoDasNG3MqLqw2Af_ZQAxiom's Linkedln: https://www.linkedin.com/company/axiomtech/Bobby's Linkedln: https://www.linkedin.com/in/bobbyguerra/Kaleigh's Linkedln: https://www.linkedin.com/in/kaleigh-floyd-079a52190/

April 23, 2026Episode 228 min

A Deep Dive into Rev 3: Awareness & Training

In this new series we like to call "Spelunking", Bobby and Kaleigh explore the updates in NIST 800-171 Revision 3, focusing on the differences from Rev 2, including control changes, assessment objectives, and preparation strategies for compliance. In this episode, they focus on control 03.02 Awareness and Training. They give valuable insights for MSPs, organizations, and assessors preparing for the upcoming changes and requirements.Website: https://www.axiom.tech/YouTube: https://www.youtube.com/channel/UCaJagoDasNG3MqLqw2Af_ZQAxiom's Linkedln: https://www.linkedin.com/company/axiomtech/Bobby's Linkedln: https://www.linkedin.com/in/bobbyguerra/Kaleigh's Linkedln: https://www.linkedin.com/in/kaleigh-floyd-079a52190/

April 16, 2026Episode 136 min

The Ultimate Guide to a CMMC Level 2 Self-Assessment

In the season 5 premiere of Climbing Mount CMMC, Kaleigh and Bobby share practical, boots-on-the-ground insights on implementing CMMC self-assessments, especially for MSPs supporting multiple clients. They break down how to approach self-assessments with the discipline of a formal audit, while still building a process that can scale.Website: https://www.axiom.tech/YouTube: https://www.youtube.com/channel/UCaJagoDasNG3MqLqw2Af_ZQAxiom's Linkedln: https://www.linkedin.com/company/axiomtech/Bobby's Linkedln: https://www.linkedin.com/in/bobbyguerra/Kaleigh's Linkedln: https://www.linkedin.com/in/kaleigh-floyd-079a52190/

March 26, 2026Episode 3044 min

How to Build CMMC as an MSP

In the season 4 finale of Climbing Mount CMMC, Kaleigh and Bobby share their extensive experience navigating the complexities of achieving CMMC Level 2 certification as an MSP. They discuss the importance of commitment, education, strategic planning, and the realities of scaling support for government contractors.Website: https://www.axiom.tech/YouTube: https://www.youtube.com/channel/UCaJagoDasNG3MqLqw2Af_ZQAxiom's Linkedln: https://www.linkedin.com/company/axiomtech/Bobby's Linkedln: https://www.linkedin.com/in/bobbyguerra/Kaleigh's Linkedln: https://www.linkedin.com/in/kaleigh-floyd-079a52190/

Is this your show?

Claim this listing to keep it up to date, reach guests who want to pitch you, and manage bookings with Guestify.

Claim this listing

More Technology podcasts

SowGrow Marketing Council

sgmc

BusinessMarketing

Toldjya Finance Podcast

Zac Huish, Cameron Cooke, and Paul Lamb

BusinessInvesting