John Christly: Demystifying CMMC to Protect the DIB Artwork

Kitecast

Kitecast features interviews with security, IT, compliance, and risk management leaders and influencers, highlighting best practices, trends, and strategic analysis and insights.

All Episodes

Kitecast

John Christly: Demystifying CMMC to Protect the DIB

August 19, 2024 • Tim Freestone and Patrick Spencer • Season 2 • Episode 34

John Christly, VP of Services for Blue Team Alpha, and author of two cybersecurity books, brings his wealth of experience to this episode of Kitecast. With a background spanning roles such as CEO, CIO, CISO, and CTO, as well as military service, Christly offers unique insights into the world of cybersecurity compliance for Department of Defense (DoD) contractors.

In this enlightening discussion, Christly demystifies the Cybersecurity Maturity Model Certification (CMMC) process. He explains how many organizations are surprised to find they’re further along in compliance than they initially thought, thanks to existing frameworks like DFARS and NIST 800-171. However, he cautions that self-attestation is no longer sufficient, emphasizing the need for third-party verification in the new CMMC landscape.

Christly also delves into the critical role of FedRAMP certification in doing business with the government. He highlights the importance of data sovereignty and security in protecting American interests. The conversation explores the challenges of achieving “FedRAMP-like” status and the expertise required to truly build secure systems to DoD specifications.

The podcast doesn’t shy away from emerging threats, with Christly offering valuable insights on managing AI-related risks in the workplace. He stresses the importance of clear policies, employee education, and ongoing monitoring to harness the benefits of AI while protecting sensitive data. Christly’s practical advice on consolidating security tools and gaining visibility into cloud application usage provides actionable strategies for improving organizational cybersecurity posture.

Whether you’re a DoD contractor or simply interested in elevating your cybersecurity practices, this episode of Kitecast is a must-listen. Tune in now and take the first step toward robust, compliant cybersecurity for your organization.

LinkedIn

https://www.linkedin.com/in/johnchristly/

Blue Team Alpha

https://www.blueteamalpha.com

Book: NIST 800-171 Controls Made Simple: A Step by Step Guide

https://www.udemy.com/course/nist-800-171-controls-made-simple

Book: The Basics of Cybersecurity

https://www.amazon.com/dp/B0CZY65DQC

Check out video versions of Kitecast episodes at https://www.kiteworks.com/kitecast or on YouTube at https://www.youtube.com/c/KiteworksCGCP.

People on this episode

Patrick Spencer

Co-host

Tim Freestone

Co-host