In this episode of Regulatory Phishing, Eric Crusius is joined by Ed Bassett, who is the Chief Cybersecurity Evangelist at NeoSystems and a member of the board of the MSP Collective. Managed Service Providers play a vital role in the protection of CUI assets and choosing the right MSP can be a daunting task. Ed and Eric discuss what companies should look for when choosing an MSP and how an MSP can impact a company’s efforts undergo a successful CMMC assessment.

Click here to learn more about MSP Collective.

Michael Greenman from Deltek joins Eric Crusius to discuss how cloud service providers (CSPs) have emerged as key players in the cybersecurity compliance landscape. From supporting DFARS 7012, CMMC and ITAR compliance, today’s government contracting regulatory frameworks increasingly rely on CSPs to demonstrate FedRAMP Moderate Authorization or Equivalency to reduce risk. This episode explores how CSPs support an organization’s compliance journey, with a focus on the shared responsibility model, evidence generation, and the rising demand for independently assessed, secure environments. We also unpack what "FedRAMP Authorized" vs. "FedRAMP Equivalency" really means for contractors working with the Department of Defense, and how CSP partnerships can impact a contractor’s ability to win government work under emerging regulations like CMMC.

Click here for more about the Deltek Clarity Government Contracting Industry Study

The regulations released by the Department of Defense/War roll out the CMMC program over a number of years. In this episode of Regulatory Phishing, we will look at the timing and what it means for the Defense Industrial Base.

In this episode of “Regulatory Phishing,” government contracts and cybersecurity attorney Eric Crusius discusses the latest rule released by the Department of Defense implementing the Cybersecurity Maturity Model Certification (CMMC) program and the implications and timing of the rule. Eric also discusses what changed from the proposed version of the rule and what is next for the CMMC program.

In this episode of "Regulatory Phishing," government contracts and litigation attorney Eric Crusius is joined by Kelsey Hayes to discuss a U.S. Department of Justice (DOJ) lawsuit that was brought under the Civil Cyber-Fraud Initiative. The speakers walk through the meaning of a whistleblower lawsuit, allegations in the DOJ's complaint, the False Claims Act and more.

In this episode of "Regulatory Phishing," government contracts and cybersecurity attorney Eric Crusius delves into the latest developments from the Cybersecurity Maturity Model Certification (CMMC) program, National Institute of Standards and Technology (NIST) and Cybersecurity and Infrastructure Security Agency (CISA). Mr. Crusius looks at the implementation timeline for new and proposed regulations from these entities and considers potential implications of the False Claims Act and presidential election.

In this episode of "Regulatory Phishing," government contracts and cybersecurity attorney Eric Crusius is joined by Stuart Itkin, a senior vice president and the chief marketing officer at NeoSystems. Their conversation covers the overall cybersecurity landscape, especially the Cybersecurity Maturity Model Certification (CMMC) program, and discusses the important role manage service providers (MSPs) play in the ecosystem.

In this episode of “Regulatory Phishing,” Fernando Machado joins government contracts and cybersecurity attorney Eric Crusius for an episode focused on the Cybersecurity Maturity Model Certification (CMMC) program. Mr. Machado is the Managing Principal and Chief Information Security Officer for Cybersec Investments as well as the author of CMMC Simplified. Mr. Crusius and Mr. Machado discuss the current state of the CMMC, how companies can come to terms with this new certification program and strategies for compliance. They also walk through Mr. Machado's book and highlight some key insights into the CMMC program.

In this episode of "Regulatory Phishing," former U.S. Department of Defense Chief Information Security Officer (CISO) Katie Arrington joins Hunton government contracts and cybersecurity attorney Eric Crusius to discuss the state of cybersecurity within the defense industrial base, including the rollout of the Cybersecurity Maturity Model Certification (CMMC). The discussion is wide-ranging and offers invaluable insights into what is to come in the months and years ahead.

In this episode of "Regulatory Phishing," Hunton government contracts and cybersecurity attorney Eric Crusius and Jeremy Burkhart discuss the interim rule issued by the Federal Acquisition Regulation (FAR) Council implementing the statutory ban on the use of ByteDance's TikTok app on federal information technology systems and contracts. They explore the ambiguities in the rule's language and different approaches contractors may take to ensure compliance.