November CMMC Connect: MSPs, Security Assets, the Cap, Unsupported Systems, MFA, CUI, FIPS, Visitor Controls, and of Course (and always) Documentation!

This conversation is a replay of Redspin's November 2024, CMMC Connect Q&A session. The conversation covers various aspects of the CMMC process, including boundary considerations, asset definitions, and strategies for preparing for assessments. The speakers (some who are live from the Cyber AB's CEIC Conference) provide insights into the latest updates on the new CMMC Assessment Process (CAP) release, how Managed Service Providers (MSPs) can prepare for Level 2, and best practices for making the assessment process smoother. They also discuss the challenges of handling unsupported operating systems and the importance of risk management in these scenarios. This conversation delves into various aspects of CMMC compliance, including the necessity of MFA for Wi-Fi access and the handling of CUI in different contexts. The discussion also covers the importance of background checks for third-party employees, the management of visitor controls in research environments, and updates on compliance processes and requirements such as FIPS validation. The panelists emphasize the need for thorough documentation and due diligence in maintaining compliance standards.

Subscribe to Cyberspin on Apple iTunes, Spotify, or your preferred podcast platform. You can always stream the latest episodes at redspin.com.