


In this episode of Chattinn Cyber, cybersecurity expert Mark Jackolski, Director of Risk and Compliance at Show Proof, shares his journey from Long Island technician to national leader in cyber compliance. With a foundation in information systems from Stony Brook University, Mark discusses how his passion for technology evolved into a career focused on helping organizations meet rising cybersecurity standards.
The heart of the conversation is the Cybersecurity Maturity Model Certification (CMMC), a framework initiated by the Department of Defense to ensure that contractors protect controlled unclassified information. Mark explains that while compliance with NIST 800-171 has been required since 2017, CMMC introduces verification—organizations must now demonstrate their cybersecurity posture through third-party assessments to remain eligible for federal contracts.
Beyond meeting DoD requirements, Mark describes how CMMC builds reputational credibility, calling it “the currency of trust.” He emphasizes the strategic advantage of showing compliance through a recognized badge rather than repeated explanations, which streamlines the contracting process and establishes confidence with partners and clients.
When asked how organizations should begin preparing, Mark advises starting with people: appointing a program leader, engaging executive buy-in, and mapping where sensitive data flows. He warns against relying on underqualified partners and stresses the importance of assessing technical, administrative, and physical requirements early. Missteps—like poor documentation or unclear scoping—can lead to wasted time and resources.
Finally, Mark highlights the growing relevance of CMMC beyond the DoD. New regulations aim to standardize data protection across all federal agencies, meaning businesses even tangentially involved in government work may soon fall under its scope. As CMMC requirements become embedded in contracts by summer 2025, organizations that prepare now will gain a competitive edge in the expanding defense and government market.
Mark Jackolski is a creative and team-oriented cybersecurity professional with a deep-seated passion for technology. He specializes in assisting small to medium-sized businesses in enhancing their security posture and achieving compliance with industry standards. With a persistent drive to deliver exceptional results, Mark offers strategic virtual Chief Information Security Officer (vCISO) services that emphasize risk management, security program development, and regulatory alignment.
Dedicated to continuous learning, Mark is committed to refining his skills and adopting innovative approaches to cybersecurity. He partners with clients to transform cybersecurity from a mere compliance requirement into a competitive advantage. His expertise spans complex frameworks, including HIPAA, ISO 27001, CISv8, NIST, and CMMC 2.0, enabling him to guide organizations through the intricacies of regulatory compliance effectively.
Follow Our Guest
LinkedIn | Website
National co-chair of the Cyber Center for Excellence, Marc Schein, CIC, CLCS, is also a Risk Management Consultant at Marsh McLennan Agency. He assists clients by customizing comprehensive commercial insurance programs that minimize the burden of financial loss through cost-effective transfer of risk. By conducting a Total Cost of Risk (TCoR) assessment, he can determine any gaps in coverage. As part of an effective risk management insurance team, Marc collaborates with senior risk consultants, certified insurance counselors, and expert underwriters to examine the adequacy of existing client programs and develop customized solutions to transfer risk, improve coverage and minimize premiums.
Follow Our Host
Website | LinkedIn
By Marc Schein