1
rich
Libsyn
https://www.libsyn.com
90
600
How to Build a Cyber Defense Strategy That Meets CMMC Without Overspending | EP: 321
Cybersecurity is no longer a nice-to-have for government contractors — CMMC compliance is now a pre-award requirement, and if you haven't addressed it, your proposal may be dead before anyone reads it. In this episode, Eric sits down with a 15-year MIT Lincoln Laboratory veteran whose company now trains US Cyber Command to break down exactly what small and mid-size contractors need to know about cyber readiness in a rapidly shifting AI-driven threat landscape. Here's what you'll learn in this episode: Why CMMC and FedRAMP exist — and why meeting the minimum standard is just the floor, not the finish line, for contractors serious about winning DoD business How AI is accelerating cyberattacks on small businesses — attackers are using the same tools you use to run your business, and they're moving faster than ever What a cyber range actually is and how it works — the fire drill analogy that explains why buying tools without training your team is money wasted The right cybersecurity stack for small contractors — endpoint detection and response (EDR), firewalls, and SIEMs explained in plain language with practical starting points How to stop overspending on tools you don't use — why most CISOs only fully utilize a third of their security tools and how to build a lean, effective stack instead What AI adoption inside your company is actually exposing — prompt injection, data leakage, and the governance controls that protect your sensitive contract data   EPISODE CHAPTERS: 0:00 - Sponsor message and why cybersecurity just became mandatory 0:53 - Introducing a 15-year MIT Lincoln Lab cyber expert  6:01 - How the guest built cyber infrastructure for national defense 7:25 - What cyber ranges are and how they work for DoD training  9:16 - The fire drill analogy for understanding cyber readiness 11:07 - Why buying tools without training your team is not enough  13:28 - How the threat landscape has evolved from servers to cloud to AI 16:17 - CMMC and FedRAMP explained as a minimum bar for contractors  19:38 - The real-world financial losses that finally force action on cyber 25:21 - Building a practical cyber stack for small business contractors  31:17 - How AI is changing team size, efficiency, and detection capability 33:36 - Where AI adoption inside your business is creating new vulnerabilities  37:00 - How cyber range assessments work and how long they take  42:14 - What the next five years looks like for cybersecurity in govcon   If you want to learn more about the community and to join the webinars go to: https://federalhelpcenter.com/ Website: https://govcongiants.org/ Connect with Encore Funding: http://govcongiants.org/funding Connect with Lee Rossey: https://www.linkedin.com/in/lee-rossey-0873881/  
Govcon Giants Podcast
https://govcongiants.com/podcast/
<iframe title="Libsyn Player" style="border: none" src="//html5-player.libsyn.com/embed/episode/id/40896740/height/90/theme/custom/thumbnail/yes/direction/forward/render-playlist/no/custom-color/88AA3C/" height="90" width="600" scrolling="no" allowfullscreen webkitallowfullscreen mozallowfullscreen oallowfullscreen msallowfullscreen></iframe>
https://assets.libsyn.com/secure/content/200864635