CMMC 2.0 Is Here. Most Defense Contractors Aren't Ready. скачать в хорошем качестве

CMMC 2.0 Is Here. Most Defense Contractors Aren't Ready.

The U.S. cybersecurity compliance landscape just shifted dramatically — and thousands of defense contractors may not even know it yet. In this episode of the SecurityDNA podcast, SecurityInfoWatch Editorial Director Steve Lasky sits down with Shrav Mehta, Founder & CEO of Secureframe, and Marc Rubbinaccio, Secureframe's Head of Cybersecurity & Compliance, to break down the simultaneous rollout of FedRAMP 20X and CMMC 2.0 — and what these sweeping policy changes mean for the entire defense industrial base. From the 80,000 contractors now required to certify under CMMC to the hidden cost realities of compliance (hint: it's not always $300K), this conversation cuts through the noise with the kind of straight talk that security integrators, MSPs, and defense subcontractors need right now. Topics covered: • What FedRAMP 20X and CMMC 2.0 actually require — and who they apply to • The difference between CUI and FCI, and why it matters for your compliance scope • Why so many defense subcontractors are either unaware or ignoring CMMC — and the Real ID-style reckoning that's coming • The real cost of CMMC compliance and how automation is making it more accessible • How prime contractors are pushing requirements down to their supply chains • Juggling multiple compliance mandates (CMMC, PCI DSS, FedRAMP) without losing your mind • One piece of advice for every CEO and CISO staring down fall compliance deadlines Whether you contract directly with the DoD or sit three layers deep in a defense supply chain, this episode is required viewing. 🔗 Learn more about Secureframe: https://secureframe.com 🔗 Visit SecurityInfoWatch: https://securityinfowatch.com SecurityDNA is produced by SecurityInfoWatch, serving the full breadth of the security industry, from end-user executives to integrators and consultants, to manufacturers, distributors, and software providers. CHAPTERS 00:00 Introduction & The Cybersecurity Compliance Inflection Point 01:52 Meet the Guests: Shrav Mehta & Marc Rubbinaccio 04:51 How Significant Is CMMC 2.0 for Defense Contractors? 07:49 CUI vs. FCI: Understanding the Key Distinction 10:46 From Self-Certification to Third-Party Audits: The Real Shift 11:52 Contractor Readiness: Scrambling, Planning, or Waiting? 13:27 The Real Cost of CMMC Compliance (and Who It's Crushing) 16:01 How Secureframe Is Making Compliance Accessible — Without Shortcuts 19:01 Navigating FedRAMP 20X: Where Companies Are Underestimating the Effort 21:38 The Consequences of Ignoring CMMC 23:25 Prime Contractors Are Pushing Requirements Down the Supply Chain 24:07 Juggling Multiple Compliance Mandates: How to Prioritize 26:24 Final Advice for CEOs and CISOs Facing Fall Deadlines 29:29 Closing Thoughts: Raising the Cybersecurity Baseline #CMMC #FedRAMP #Cybersecurity #CyberCompliance #DefenseContracting #CMMC2 #NIST #CUI #FedRAMP20X #SecurityCompliance #DoD #DefenseIndustrialBase #CyberResilience #Secureframe #InfoSec #ComplianceAutomation #SupplyChainSecurity #Security #SecurityInfoWatch #SecurityDNA #CloudSecurity