Sign up to save your podcasts
Or
Share Brian Guenther | Crucial Conversations: CMMC, Compliance, and Your Cybersecurity Strategy
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Brian Guenther | Crucial Conversations: CMMC, Compliance, and Your Cybersecurity Strategy
Show Website: https://mspbusinessschool.com/
Guest
Name: Brian Guenther LinkedIn page: https://www.linkedin.com/in/brianwguenther/ Company: Exceed Cybersecurity & I.T. Services Website: https://www.exceeditmd.com/ Host
Brian Doyle: https://www.linkedin.com/in/briandoylevciotoolbox/ Brian Guenther is a seasoned cybersecurity expert and the founder of Exceed Cyber. With over 26 years of experience in the IT and cybersecurity industry, Brian started his career by building PCs and gradually transitioned into IT franchise ownership. He founded Exceed Cyber in 2017, focusing on helping businesses navigate the complex landscape of cybersecurity compliance, specifically for those with federal contracts mandated by regulations such as CMMC, SoC2, and ISO 27001.
His deep understanding of governance, risk, and compliance processes makes him a valuable asset for companies needing to secure their operations against current cyber threats.
Episode Summary:
In this enlightening episode of MSB Business School, host Brian Doyle sits down with cybersecurity expert Brian Guenther to discuss the nuances of the Cybersecurity Maturity Model Certification (CMMC). As regulations around cybersecurity become more stringent, especially for defense contractors, understanding CMMC's requirements and implications is crucial. Brian Guenther, with his wealth of experience, dives into the evolution of CMMC, highlighting its origins, the essential controls necessary for compliance, and the critical role MSPs play in this landscape.
The discussion delves into how CMMC has become a focal point for organizations dealing with controlled unclassified information (CUI) and why being prepared for compliance is vital. Brian Guenther emphasizes the importance of proactive engagement in compliance processes, illustrating how MSPs can leverage their positioning by becoming CMMC-certified to differentiate themselves in the marketplace. He also sheds light on the geopolitical nuances affecting these regulations and how changes in political leadership might influence—but not diminish—the momentum towards stricter cybersecurity standards for federal contractors.
Key Takeaways:- CMMC is paramount for defense contractors: Understanding and implementing CMMC is crucial as it enforces standards that contractors should have been following since 2017.
- Compliance does not equal security: While security frameworks like NIST 800-171 underpin CMMC, compliance serves as an initial checkpoint rather than the full spectrum of cybersecurity.
- MSPs must prepare adequately: Even though MSPs are not directly required to certify under CMMC, being prepared and knowledgeable is crucial for assisting clients.
- Cyber liability is a key driver: Insurance and regulatory requirements are pushing businesses to adopt more sophisticated cybersecurity measures.
- Proactive steps are essential: Waiting for enforcement isn't viable; MSPs and their clients should start their compliance journey immediately.
View all episodes
By MSP Business School
5
66 ratings
Show Website: https://mspbusinessschool.com/
Guest
Name: Brian Guenther LinkedIn page: https://www.linkedin.com/in/brianwguenther/ Company: Exceed Cybersecurity & I.T. Services Website: https://www.exceeditmd.com/ Host
Brian Doyle: https://www.linkedin.com/in/briandoylevciotoolbox/ Brian Guenther is a seasoned cybersecurity expert and the founder of Exceed Cyber. With over 26 years of experience in the IT and cybersecurity industry, Brian started his career by building PCs and gradually transitioned into IT franchise ownership. He founded Exceed Cyber in 2017, focusing on helping businesses navigate the complex landscape of cybersecurity compliance, specifically for those with federal contracts mandated by regulations such as CMMC, SoC2, and ISO 27001.
His deep understanding of governance, risk, and compliance processes makes him a valuable asset for companies needing to secure their operations against current cyber threats.
Episode Summary:
In this enlightening episode of MSB Business School, host Brian Doyle sits down with cybersecurity expert Brian Guenther to discuss the nuances of the Cybersecurity Maturity Model Certification (CMMC). As regulations around cybersecurity become more stringent, especially for defense contractors, understanding CMMC's requirements and implications is crucial. Brian Guenther, with his wealth of experience, dives into the evolution of CMMC, highlighting its origins, the essential controls necessary for compliance, and the critical role MSPs play in this landscape.
The discussion delves into how CMMC has become a focal point for organizations dealing with controlled unclassified information (CUI) and why being prepared for compliance is vital. Brian Guenther emphasizes the importance of proactive engagement in compliance processes, illustrating how MSPs can leverage their positioning by becoming CMMC-certified to differentiate themselves in the marketplace. He also sheds light on the geopolitical nuances affecting these regulations and how changes in political leadership might influence—but not diminish—the momentum towards stricter cybersecurity standards for federal contractors.
Key Takeaways:- CMMC is paramount for defense contractors: Understanding and implementing CMMC is crucial as it enforces standards that contractors should have been following since 2017.
- Compliance does not equal security: While security frameworks like NIST 800-171 underpin CMMC, compliance serves as an initial checkpoint rather than the full spectrum of cybersecurity.
- MSPs must prepare adequately: Even though MSPs are not directly required to certify under CMMC, being prepared and knowledgeable is crucial for assisting clients.
- Cyber liability is a key driver: Insurance and regulatory requirements are pushing businesses to adopt more sophisticated cybersecurity measures.
- Proactive steps are essential: Waiting for enforcement isn't viable; MSPs and their clients should start their compliance journey immediately.
More shows like MSP Business School
View all
Evolved Radio
5 Listeners
CISO Series Podcast
186 Listeners
Business of Tech: Daily 10-Minute IT Services Insights
132 Listeners
Paul Green's MSP Marketing Podcast
15 Listeners
The IT Experts Podcast
1 Listeners
MSP Unplugged
10 Listeners
Powered Services Podcast
29 Listeners
The MSP Zone
14 Listeners
Cyber Security Headlines
118 Listeners
MSP Success Podcast
2 Listeners
No Fluff MSP Marketing
21 Listeners
MSP Mindset with Damien Stevens
7 Listeners
All Things MSP
14 Listeners
Building a Profitable MSP with Chris Wiser
2 Listeners
MSP Heroes Podcast
2 Listeners