In this episode of "Climbing Mount CMMC," hosts Kaleigh Floyd and Bobby Guerra delve into the intricacies of preparing for a CMMC Level 2 assessment, particularly focusing on the role of external service providers (ESPs) and Managed Service Providers (MSPs). They emphasize the importance of selecting a provider who not only understands the CMMC requirements but has also successfully guided clients through the assessment process. Kaleigh shares her personal experiences with contractors who have been misled by providers, likening the situation to being an Uber driver rather than a coach in a race. Bobby adds that understanding the CMMC controls at a referee level is crucial for any provider aiming to assist clients effectively. The conversation progresses to practical advice on how to vet potential providers, including asking about their experience with assessments, their understanding of NIST 800-171 controls, and the tools they use. Kaleigh and Bobby stress the necessity of having a customer responsibility matrix and a clear agreement that outlines the roles and responsibilities of both the provider and the client. They conclude by encouraging listeners to ask the right questions to avoid wasting time and resources, ensuring they choose a provider who can genuinely support them through the CMMC certification journey.

Link to see our upcoming events: https://www.axiom.tech/upcoming-events/

Website: https://www.axiom.tech/
YouTube: https://www.youtube.com/channel/UCaJagoDasNG3MqLqw2Af_ZQ

Axiom's Linkedln: https://www.linkedin.com/company/axiomtech/

Bobby's Linkedln: https://www.linkedin.com/in/bobbyguerra/

Kaleigh's Linkedln: https://www.linkedin.com/in/kaleigh-floyd-079a52190/

In this episode of Climbing Mount CMMC, hosts Bobby and Kaleigh discuss the critical topic of self-attestation for CMMC level two requirements. They explore the evolution of self-attestation, the risks associated with misrepresentation, and the importance of accountability in the self-assessment process. The conversation emphasizes the need for organizations to prepare adequately for self-attestation, including having a solid system security plan and the necessary evidence to support their claims. The hosts also highlight the potential consequences of failing to comply with these requirements, including the role of whistleblowers and the importance of leadership taking these matters seriously.

Website: https://www.axiom.tech/
YouTube: https://www.youtube.com/channel/UCaJagoDasNG3MqLqw2Af_ZQ

Axiom's Linkedln: https://www.linkedin.com/company/axiomtech/

Bobby's Linkedln: https://www.linkedin.com/in/bobbyguerra/

Kaleigh's Linkedln: https://www.linkedin.com/in/kaleigh-floyd-079a52190/

In this episode, Kaleigh and Bobby discuss the significant changes and challenges that companies will face in 2026 regarding CMMC compliance. They delve into the implications of new CMMC Level 2 requirements, the importance of self-assessments versus third-party assessments, and the potential consequences of non-compliance. The conversation also touches on the risks of false claims and whistleblowing, the expected timeframes for achieving compliance, and the impact of resource contention on costs. Finally, they emphasize the importance of finding the right Managed Service Provider (MSP) to navigate these challenges effectively.

Website: https://www.axiom.tech/
YouTube: https://www.youtube.com/channel/UCaJagoDasNG3MqLqw2Af_ZQ

Axiom's Linkedln: https://www.linkedin.com/company/axiomtech/

Bobby's Linkedln: https://www.linkedin.com/in/bobbyguerra/

Kaleigh's Linkedln: https://www.linkedin.com/in/kaleigh-floyd-079a52190/