Cuick 10

73 episodes — Page 1 of 2

S3 Ep 4: Defining CUI Before You Spend a Dollar

In this episode of the Cuick 10 Podcast, Derek White, Chief Operating Officer of Cuick Trac, is joined by Rachel Bassford, CUI Consultant at DEFCERT, to explore how organizations should approach identifying Controlled Unclassified Information (CUI). Rachel explains why companies often jump straight into technology decisions without fully understanding their scope—and how that leads to wasted time, unnecessary cost, and increased risk. She outlines a structured approach that starts with understanding contracts, document markings, and data flow before making any compliance investments. This episode provides practical guidance for organizations trying to answer one of the most important questions in CMMC: What do we actually need to protect?

Mar 24, 2026 · 13 min

S3 Ep 3: CMMC Is Here: What’s Changing Now

In this episode of the Cuick 10 Podcast, Derek White, Chief Operating Officer of Cuick Trac, is joined by Carter Schoenberg, Vice President - Cybersecurity & Chief Cybersecurity Officer at SoundWay Consulting Inc., to discuss how the CMMC ecosystem is evolving now that regulatory requirements are becoming enforceable. Carter shares firsthand insights from conducting assessments as a C3PAO, including how demand has shifted dramatically following key rulemaking milestones. The conversation explores the growing urgency among contractors, common misunderstandings about timelines, and the variability organizations are encountering in early assessments. They also break down why many companies are still underprepared, the importance of realistic expectations, and what lessons from the front lines can help organizations better navigate the path to certification. Tune in for a candid discussion on what’s changing in CMMC—and what it means for contractors moving forward.

Mar 17, 2026 · 18 min

S3 Ep 2: Identifying CUI in the Supply Chain

In this episode of the Cuick 10 Podcast, Derek White, Chief Operating Officer of Cuick Trac, is joined by Alex Major, Partner & Co-Leader of the Government Contracts and Global Trade Group at McCarter & English, to discuss the challenges organizations face when identifying Controlled Unclassified Information (CUI). Alex explains why CUI identification has become one of the most critical components of CMMC compliance and how confusion across government agencies, prime contractors, and suppliers creates risk throughout the Defense Industrial Base. The conversation explores how contractors should approach CUI policies, what role supply chain partners play in CUI flowdown, and why organizations must clearly understand what information they are required to protect. Tune in for practical insights on navigating CUI identification and strengthening compliance across the supply chain.

Mar 17, 2026 · 12 min

S3 Ep 1: What Makes a Great CMMC Consultant

To kick off Season 3, Derek White, COO of Cuick Trac, sits down with Kyle Lai, President & CISO at KLC Consulting, to discuss what makes someone truly effective in the CMMC consulting space. Kyle brings unique perspective as both an experienced assessor and a trusted advisor to organizations navigating DFARS, NIST 800-171, and CMMC compliance. In this episode, they explore what separates technical know-how from true client impact—from soft skills like listening and empathy to real-life stories of consulting gone wrong (and right).

Feb 6, 2026 · 31 min

S2 Ep 53: CMMC as a Value Multiplier

In this episode of the Cuick 10 Podcast, Derek White, Chief Operating Officer of Cuick Trac, sits down with Jeff Smedley, retired CIO and CMMC strategy consultant, to explore how CMMC can go beyond compliance to drive organizational value. Jeff shares how his company achieved a perfect assessment score and leveraged CMMC to unlock board alignment, private equity support, and a billion-dollar exit. From cultural transformation to financial metrics, this conversation reframes CMMC as a growth opportunity—not just a mandate.

Dec 24, 2025 · 8 min

S2 Ep 54: FIPS Encryption, Governance & Growth Strategy

In this episode of the Cuick 10 Podcast, Derek White, Chief Operating Officer of Cuick Trac, is joined by James Harper, CEO at Quatronics, to break down FIPS encryption, validated crypto modules, and how governance underpins both CMMC compliance and long-term company growth. James shares real-world examples of where small businesses stumble—from improper data mapping to lack of documented roles—and explains how CMMC can be a catalyst for sustainable scaling. If you’ve ever asked, “Do I really need FIPS validated equipment?” or struggled to track CUI across your team, this one’s for you.

Dec 24, 2025 · 12 min

S2 Ep 52: What CMMC Assessors Want You to Know

In this episode of the Cuick 10 Podcast, Derek White, Chief Operating Officer of Cuick Trac, is joined by Brad Taylor, Senior Information Security Consultant at Foregenix, to explore what goes into a successful CMMC assessment from the assessor’s perspective. Brad shares insights from a recent real-world engagement, including how strong inheritance documentation, pre-assessment reviews, and clear traceability helped one OSC complete their assessment in under two days. This episode is full of practical tips for preparing your environment, aligning your SSP and policies, and ensuring your team is ready to show up informed and confident.

Dec 16, 2025 · 11 min

S2 Ep 51: Can We Standardize Cybersecurity Across Agencies?

In this episode of the Cuick 10 Podcast, Derek White, Chief Operating Officer of Cuick Trac, is joined by Heather Siemens, CEO of iFortress, to explore the growing call for standardization across federal cybersecurity frameworks — particularly for contractors serving both defense and energy sectors. Heather shares lessons from her background in NERC compliance, the challenge of overlapping frameworks like NIST SP 800-171 and NIST 800-161, and what needs to happen for agencies like DoD, DOE, and DHS to speak a common cybersecurity language.

Dec 9, 2025 · 8 min

S2 Ep 50: Getting Executive Buy-In for CMMC Success

In this episode of the Cuick 10 Podcast, Derek White, Chief Operating Officer of Cuick Trac, is joined by Nancy Laney, CEO of Peak Complyance, to discuss why executive leadership buy-in is essential for successful CMMC compliance. Nancy shares insights into building a cyber-aware culture, shifting compliance ownership beyond IT, and the growing importance of executive affirmations—even at CMMC Level 1. She also outlines the risks of relying on a single point of failure, the importance of documentation for sustainability, and how coaching and tools can help organizations operationalize compliance.

Nov 25, 2025 · 7 min

S2 Ep 49: FIPS Encryption & Governance: CMMC Compliance Without the Chaos

In this episode of the Cuick 10 Podcast, Derek White, COO of Cuick Trac, is joined by James Harper, CEO of Quatronics, to explore two critical — and often misunderstood — areas of cybersecurity compliance: FIPS encryption and corporate governance. James shares practical insights on what FIPS-validated encryption actually means (and doesn’t mean), where it’s required, and how misconceptions around equipment can lead to costly and unnecessary decisions. More importantly, he makes the case that governance — not just tech — is the backbone of scalable, effective CMMC compliance. Whether you're confused about encryption, overwhelmed by data flows, or wondering how to grow securely, this episode offers a down-to-earth look at getting CMMC right.

Nov 4, 2025 · 12 min

S2 Ep 48: Hardening What Matters: The Role of Configuration Management in CMMC

In this episode of the Cuick 10 Podcast, Derek White, Chief Operating Officer of Cuick Trac, sits down with TJ Hope, Sales Engineer at Senteon, to discuss how configuration management plays a vital role in meeting CMMC requirements. TJ explains how automation, visibility, and environment-specific baselining can transform the way organizations approach hardening—without breaking things or burning out staff. Whether you’re preparing for your first CMMC Level 2 assessment or inheriting someone else’s security posture, this episode delivers a practical look at one of the most challenging aspects of compliance.

Oct 30, 2025 · 8 min

S2 Ep 47: Culture, Certification & CMMC Readiness

In this episode of the Cuick 10 Podcast, Derek White, Chief Operating Officer of Cuick Trac, sits down with Dy Edington, Director of Information Security at AV, to share lessons from the front lines of achieving CMMC certification. Dy offers a behind-the-scenes look at what it takes to drive a successful compliance program—from cross-functional alignment to hands-on training and executive support. Whether you're early in your journey or already preparing for assessment, this episode is packed with practical insights.

Oct 29, 2025 · 10 min

S2 Ep 46: Legal Meets Cyber: CMMC Through a Contracts Lens

In this episode of the Cuick 10 Podcast, Derek White, Chief Operating Officer of Cuick Trac, is joined by Kayli Keough, US Government Contract Compliance Counsel at Collins Aerospace. Kayli shares her unique perspective as a legal and contracts professional navigating the world of cybersecurity compliance. They discuss how legal, contracts, and cyber teams can collaborate more effectively, the growing importance of compliance across global frameworks, and how CMMC is changing the conversation within large government contractors. Whether you're in legal, cyber, or program management—this episode shows why a unified approach to compliance is no longer optional.

Oct 23, 2025 · 9 min

S2 Ep 45: Why Every Contractor Needs a Mock Assessment

In this episode of the Cuick 10 Podcast, Derek White, Chief Operating Officer of Cuick Trac, is joined by Eric Levitas, Vice President of Business Development at ControlCase, to unpack why mock assessments are more critical than ever for defense contractors navigating CMMC. Eric explains the most common mistakes he sees contractors make when jumping straight into their C3PAO audit, how to properly prepare your scope and documentation, and what the mock assessment process really looks like from a third-party assessor’s point of view. Tune in for expert guidance on how to get audit-ready — without the panic.

Oct 21, 2025 · 8 min

S2 Ep 44: Mapping CMMC to Business Value

In this episode of the Cuick 10 Podcast, Derek White, COO of Cuick Trac, is joined by Matt Hoeper, Director of Commercial/Cybersecurity at Edwards Performance Solutions, to unpack how cybersecurity leaders can better align their CMMC programs with business goals. Matt explains why CMMC should be positioned not just as a regulatory requirement, but as a strategic business investment. From reducing operational risk to building customer trust, this episode provides clear guidance on how to tie technical compliance efforts to business outcomes—especially in conversations with leadership and boards.

Oct 21, 2025 · 10 min

S2 Ep 43: Customer Responsibility Matrix in CMMC

In this episode of the Cuick 10 Podcast, Derek White, Chief Operating Officer of Cuick Trac, is joined by Tom Conkle, CEO of Optic Cyber Solutions, to discuss the often-overlooked importance of the Customer Responsibility Matrix (CRM) in CMMC compliance. Tom shares firsthand experience from CMMC readiness engagements where organizations mistakenly assumed their MSPs had implemented necessary controls—only to discover critical gaps. He breaks down how the CRM acts as a communication bridge between managed service providers and OSCs, what should be included in a CRM, and why documenting shared responsibility is now a requirement under the final rule. Tune in to learn how better documentation, communication, and ownership can prevent serious compliance failures.

Oct 7, 2025 · 9 min

S2 Ep 42: Balancing Scope, Cost & Risk in CMMC

In this episode of the Cuick 10 Podcast, Derek White, Chief Operating Officer of Cuick Trac, is joined by Prabhat Nigam, Global CTO at Golden Five Consulting, to discuss the critical interplay between scope, cost, and risk in CMMC compliance. Prabhat shares practical lessons on how over-scoping can drive up compliance costs, how to manage subcontractor and MSP risk, and the importance of simplifying your technology footprint within one trusted cloud ecosystem. This conversation is packed with tips for defense contractors trying to stay compliant while minimizing overhead and complexity.

Oct 2, 2025 · 12 min

S2 Ep 41: Modernizing Virtual Environments for CMMC Readiness

In this episode of the Cuick 10 Podcast, Derek White, Chief Operating Officer of Cuick Trac, is joined by Justin Hensley, Principal Program Manager at CloudFit Software, to explore how Virtual Desktop Infrastructure (VDI) is helping defense contractors scale securely. Justin discusses the recent DoD VDI memo and how it has changed the game for flexibility, cloud-first strategies, and scalability in CMMC compliance. He also shares how CloudFit is helping organizations use Microsoft Azure Virtual Desktop environments to reduce CAPEX, improve collaboration, and integrate tools like AI and secure messaging. From CAD workloads to real-time collaboration, this episode dives into how SMBs and federal partners can modernize their environments without breaking their workflows.

Sep 30, 2025 · 10 min

S2 Ep 40: Starting CMMC the Right Way

In this episode of the Cuick 10 Podcast, host Derek White (COO, Cuick Trac) sits down with Mike Bramm, Owner & CTO at BomberJacket Networks, to unpack what it really takes to pass a CMMC assessment—and why most failures start by skipping Phase 1. Mike explains the importance of readiness assessments, how the Lead CCA role helps ensure structure and accountability, and why implementation is often more valuable than just getting assessed. He also shares candid insights on DIB contractors still in denial, and how culture—not tooling—is what determines success.

Sep 25, 2025 · 9 min

S2 Ep 39: Trends, Risk & Readiness in CMMC

In this episode of the Cuick 10 Podcast, Derek White, Chief Operating Officer of Cuick Trac, is joined by Michael Greenman, Sr. Product Marketing Manager at Deltek, to unpack the latest industry data and FedRAMP developments shaping the CMMC landscape. They discuss the significance of FedRAMP Moderate Equivalency, cloud security documentation best practices, and the must-ask questions when evaluating cloud service providers. Michael also reveals new statistics from Deltek’s Clarity Report, including how much contractors are spending to prepare for assessments—and how many plan to get certified in 2025.

Sep 23, 2025 · 14 min

S2 Ep 38: Building a Human-Centered CMMC Strategy

In this episode of the Cuick 10 Podcast, Derek White, COO of Cuick Trac, is joined by Khanh Tran, CEO at Biorn Group Cyber, to discuss how empathy, education, and scoping are at the core of a sustainable CMMC strategy. Khanh shares how his nonprofit roots shaped a mentorship-first approach to cybersecurity consulting and why SMBs often get overwhelmed by overbuilt solutions. They break down how clarity around scope, size-appropriate tools, and human connection can lead to better CMMC outcomes — and a stronger Defense Industrial Base.

Sep 19, 2025 · 12 min

S2 Ep 37: Strategic CMMC Prep & Reducing Risk

In this episode of the Cuick 10 Podcast, Derek White, Chief Operating Officer at Cuick Trac, is joined by Amy Williams, Vice President of CMMC at Coalfire Federal. Together, they unpack the real value of CMMC preparation—from mapping CUI data flows and understanding current vs. desired states, to reducing scope and aligning security with business priorities. Amy shares lessons from the field, including why SMBs must recognize their role as valuable targets, how user behavior plays into breach risk, and why empathy, education, and long-term partnership are essential to strengthening the DIB.

Sep 16, 2025 · 13 min

S2 Ep 36: Prevent the Pain: CMMC Assessment Pitfalls

In this episode of the Cuick 10 Podcast, Derek White, Chief Operating Officer of Cuick Trac, is joined by Mark DeBry, VP of Business Operations, Lead CCA, and vCISO at Shadowscape, to unpack the top mistakes organizations make heading into a CMMC assessment. Mark shares key insights from recent assessments—including how poorly structured SSPs, incomplete diagrams, and lack of hands-on readiness create unnecessary headaches. He also explains why mock assessments and mastering the CMMC Assessment Guide are the most powerful ways to reduce risk and save time during audits. Whether you’re weeks from your first formal assessment or just beginning to prep, this episode delivers practical tips to help you prevent the pain.

Sep 12, 2025 · 13 min

S2 Ep 35: Mock Assessments, MSPs & CMMC Success

In this episode of the Cuick 10 Podcast, Derek White, COO of Cuick Trac, is joined by Scott Singer, CEO of CyberNINES, for a fast-paced conversation following CyberNINES' successful DIBCAC assessment. Scott breaks down what organizations should be doing now to prepare — including the role of mock assessments, the impact of managed service providers (MSPs), and the evolving guidance assessors are working through. Whether you're scheduling your assessment or just getting started, this episode offers timely and tactical advice from someone who's just been through it.

Sep 9, 2025 · 11 min

S2 Ep 34: Scaling CMMC MSP Support Without Breaking Flow

In this episode of the Cuick 10 Podcast, Derek White, COO of Cuick Trac, sits down with Bobby Guerra, CEO of Axiom, to discuss the realities of supporting defense contractors through their CMMC journey as a Managed Service Provider. Bobby explains why most organizations seeking certification don’t fully grasp what they’re buying, how Axiom approaches implementation in phases, and why preserving business continuity is just as important as getting compliant. He also shares tips on how MSPs can scale delivery without sacrificing quality, and how his podcast "Climbing Mount CMMC" supports the broader ecosystem.

Sep 4, 2025 · 8 min

S2 Ep 33: Clarifying ESPs, CSPs & CMMC Evidence

In this episode of the Cuick 10 Podcast, Derek White, COO of Cuick Trac, is joined by Katie Dodson, President and Lead Certified CMMC Assessor at Hive Systems Defense Solutions, to break down what organizations need to understand about External Service Providers (ESPs), Cloud Service Providers (CSPs), and Managed Service Providers (MSPs) in the context of CMMC. Katie explains why organizations often misunderstand what documentation is required during a CMMC assessment, the importance of customer responsibility matrices, and what’s expected when validating inherited controls—especially when your MSP is involved.

Sep 4, 2025 · 10 min

Clarifying ESPs, CSPs & CMMC Evidence

In this episode of the Cuick 10 Podcast, Derek White, COO of Cuick Trac, is joined by Katie Dodson, President and Lead Certified CMMC Assessor at Hive Systems Defense Solutions, to break down what organizations need to understand about External Service Providers (ESPs), Cloud Service Providers (CSPs), and Managed Service Providers (MSPs) in the context of CMMC. Katie explains why organizations often misunderstand what documentation is required during a CMMC assessment, the importance of customer responsibility matrices, and what’s expected when validating inherited controls—especially when your MSP is involved.

Sep 2, 2025 · 10 min

S2 Ep 32: Evolving the Enclave: What’s New with Cuick Trac

In this episode of the Cuick 10 Podcast, Derek White, COO of Cuick Trac, is joined by Dr. Jeff Baldwin, CISO of Cuick Trac, to unpack the latest updates to the Cuick Trac platform — including the journey to FedRAMP Moderate Equivalency, major improvements in templated documentation, and the rollout of ServiceNow to streamline client support and assessment readiness. Jeff shares how Cuick Trac’s evolving managed enclave is purpose-built to support defense contractors in meeting CMMC Level 2 requirements with confidence — offering 86/110 control coverage, shared responsibility matrices mapped to NIST 800-171, and a centralized approach to compliance that reduces client lift and audit risk.

Aug 27, 2025 · 13 min

S2 Ep 31: CMMC Momentum & Ecosystem Insights

In this episode of the Cuick 10 Podcast, Derek White, Chief Operating Officer of Cuick Trac, is joined by Matt Travis, CEO of The Cyber AB, to discuss the growing momentum behind CMMC Level 2 certifications and how the ecosystem is evolving to meet the needs of the Defense Industrial Base. Recorded live at CEIC West 2025, Matt provides an insider’s perspective on current certification stats, the role of C3PAOs and CCAs, the consolidation of national events, and why the defense industry can’t afford to wait on CMMC. He also shares where organizations can go for reliable, up-to-date information on compliance.

Aug 21, 2025 · 9 min

S2 Ep 30: Centralizing Risk & Compliance in CMMC

In this episode of the Cuick 10 Podcast, Derek White, Chief Operating Officer of Cuick Trac, is joined by Robert Hill, CEO of Cyturus Technologies, to discuss how scalable, centralized GRC solutions can foster communication and consistency across the CMMC ecosystem. They explore the challenges faced by large and small contractors alike—from global subsidiaries to 5-person shops—and how modern platforms can align risk, compliance, and security efforts under a single pane of glass. Robert also shares why communication breakdowns remain one of the biggest risks in the ecosystem and how transparency and traceability can help drive better outcomes for both OSCs and assessors. 🎥 Watch the full Episode on YouTube.

Aug 14, 2025 · 9 min

S2 Ep 29: Supporting Small Businesses in the Cloud with AWS

In this episode of the Cuick 10 Podcast, Derek White, Chief Operating Officer of Cuick Trac, is joined by Travis Goldbach, Global Head of CMMC Go-To-Market at Amazon Web Services, to discuss the evolution of cybersecurity support across the DIB. Travis explains how AWS helps both large contractors and small businesses meet compliance objectives through FedRAMP-authorized cloud infrastructure, secure enclaves, and the shared responsibility model. The conversation also explores the role of AWS in academic research, regulatory changes, and how scalable solutions can help reduce the burden of CMMC compliance.

Jul 30, 2025 · 9 min

S2 Ep 27: From Army to Cyber: Starting Fresh in Compliance

In this episode of the Cuick 10 Podcast, Derek White, Chief Operating Officer of Cuick Trac, is joined by Chandler Ramirez, Account Executive at Zscaler and former Army officer, to talk about what it’s like breaking into cybersecurity and compliance from the military. Chandler shares his journey, what he’s learning about CMMC, and why a mission-focused culture is what drew him to this space.

Jul 24, 2025 · 7 min

S2 Ep 28: Picking the Right C3PAO for Your CMMC Journey

In this episode of the Cuick 10 Podcast, Derek White, Chief Operating Officer of Cuick Trac, is joined by Jerry Leishman, Strategic Alliance Manager at NeoSystems, to break down how organizations should evaluate and select their C3PAO (Certified Third-Party Assessment Organization). Jerry shares best practices for finding an auditor that fits your industry, understands your tech stack, and can grow with you through contract changes or infrastructure updates. He also highlights the rising global interest in U.S. cybersecurity standards and the importance of collaboration across the ecosystem.

Jul 24, 2025 · 12 min

S2 Ep 26: Equipping the Ecosystem for CMMC at Scale

In this episode of the Cuick 10 Podcast, Derek White, Chief Operating Officer of Cuick Trac, is joined by Regan Edens, Founder & Chief Compliance Officer at DTC Global, to explore what’s next for the CMMC ecosystem. From new CUI marking guidance to updated assessment materials, Regan outlines how industry leaders can reduce confusion, enable scale, and equip the next generation of compliance professionals. 🎧 Tune in for a strategic look at how education, clarity, and culture are shaping the future of compliance readiness. 🖥️ Watch the full Episode on YouTube: https://www.cuicktrac.com/cuick-10-podcast/

Jul 15, 2025 · 10 min

S2 Ep 25: Compliance at a Global Scale

In this episode of the Cuick 10 Podcast, Derek White, Chief Operating Officer of Cuick Trac, is joined by Keren de Via, Chief Operating Officer at Cyturus Technologies, Inc., for a conversation recorded live at CUI-CON 2025 in Tampa. Together, they explore how cybersecurity compliance differs across global regions and why international organizations are often ahead of the curve. Keren shares how consulting firms are shifting to continuous engagement models and the importance of delivering a consistent customer experience—even as services and expectations evolve. The episode also touches on how mature organizations are embracing proactive strategies and what lessons the U.S. market can learn. 🎧 Watch the full Episode on YouTube

Jul 10, 2025 · 9 min

S2 Ep 24: Understanding the Real Timeline of CMMC Readiness

In this episode of the Cuick 10 Podcast, Derek White, Chief Operating Officer of Cuick Trac, is joined by Koren Wise, CEO of Wise Technical Innovations, to unpack the hard truths about CMMC Level 2 readiness. They explore why secure enclave deployment isn’t as simple as buying a tool, the cultural shifts required for successful compliance, and how many defense contractors are scrambling under pressure. Koren also shares what assessors look for during audits, how training programs are changing, and what steps organizations should take before rushing into implementation. 🎧 Watch the full Episode on YouTube https://youtu.be/qCRcR6Zatdk

Jul 8, 2025 · 10 min

S2 Ep 23: Automating Continuous Compliance with SP6

In this episode of the Cuick 10 Podcast, Derek White, Chief Operating Officer of Cuick Trac, sits down with Nick Graning of SP6 to talk about how automation is changing the game for compliance and monitoring. Nick introduces SP6’s Acera platform, which helps defense contractors streamline continuous compliance by integrating with SIEM tools like Splunk and Microsoft Sentinel. They discuss how automation reduces manual monitoring effort, flags non-compliant activity in real-time, and helps mid-size and enterprise organizations stay on top of their cybersecurity requirements without needing a massive team. 🎥 Watch the full Episode on YouTube: https://www.cuicktrac.com/cuick-10-podcast/

Jul 2, 2025 · 6 min

S2 Ep 22: CMMC Certification, Shared Responsibility & Scaling Security

In this episode of the Cuick 10 Podcast, recorded live at CUICON 2025, Derek White, COO of Cuick Trac, sits down with Scott Edwards, CEO of Summit 7. Scott shares real-world takeaways from Summit 7’s dual-scope CMMC assessment experience and why MSSPs are the key to scaling security across the Defense Industrial Base. They discuss how shared responsibility is changing the compliance landscape, what contractors can expect during an audit, and the long-term role of managed providers in the CMMC ecosystem. 🎥 Watch the full Episode on YouTube: https://www.cuicktrac.com/cuick-10-podcast/

Jun 26, 2025 · 12 min

S2 Ep 21: CMMC Assessments Are Moving—Is the Ecosystem Ready?

In this episode of the Cuick 10 Podcast, Derek White, COO of Cuick Trac, is joined by Thomas Graham, VP & CISO at Redspin, live from CUICON 2025. Tom shares what CMMC assessments really look like today, including the positive momentum since the rule dropped—and what’s still holding us back. They discuss the current bottleneck with assessor suitability, how official CMMC assessment teams must be structured, and what Redspin is doing to address industry confusion through their monthly open mic webinars. 🎥 Watch the full Episode on YouTube: https://www.cuicktrac.com/cuick-10-podcast/

Jun 24, 2025 · 14 min

S2 Ep 20: The Human Element of CMMC: Culture, Buy-In & False Claims Risk

In this episode of the Cuick 10 Podcast, Derek White, Chief Operating Officer of Cuick Trac, is joined by Derek Kernus, CEO of Aethon Security, to explore the people side of CMMC compliance. They dig into what happens when internal leadership buy-in transforms skepticism into support — and why documentation, visibility, and clarity are critical for success. Derek also shares his experience as a CMMC assessor and highlights how flexibility in 800-171 implementation is often misunderstood. They close the episode with a look at how concerns around the False Claims Act are driving more serious attention to doing cybersecurity “the right way.” 🎥 Watch the full Episode on YouTube: https://www.cuicktrac.com/cuick-10-podcast/

Jun 19, 2025 · 15 min

S2 Ep 19: CMMC Assessments Are Here: Lessons from a C3PAO

In this episode of the Cuick 10 Podcast, Derek White, Chief Operating Officer of Cuick Trac, is joined by Tom Tollerton, Principal at Forvis Mazars and one of the first reauthorized C3PAOs under the 32 CFR rule. Tom shares real-world takeaways from the first wave of CMMC Level 2 assessments — including documentation challenges, post-assessment responsibilities, and the critical role of affirming officials. He also talks about what contractors need to consider when selecting a C3PAO and why alignment matters. Filmed live at CUICON 2025, this conversation gives contractors a behind-the-scenes look at how assessments are evolving — and what it takes to be ready.

Jun 17, 2025 · 8 min

S2 Ep 18: Automation, Accessibility & the Future of CMMC Docs

In this episode of the Cuick 10 Podcast, Derek White, Chief Operating Officer of Cuick Trac, is joined by Jody Stoehr, Co-Founder and CRO at SMPL-C, for a conversation filmed at CUICON 2025. Jody discusses how automation is helping defense contractors overcome the documentation burden tied to CMMC compliance. She explains why SMBs often lack a starting point for documentation, how scalable solutions can offset the supply-and-demand problem for expert support, and why simplifying the user experience is critical for sustained adoption. This episode also touches on the broader cultural shift needed across the Defense Industrial Base — from education to funding — to help innovators succeed and protect national security.

Jun 11, 2025 · 8 min

S2 Ep 17: Accountability, MSPs & Keeping CMMC Clean

In this episode of the Cuick 10 Podcast, Derek White, Chief Operating Officer of Cuick Trac, is joined by Leia Kupris Shilobod, Chief Security Officer at CompliancyIT, to discuss how contractors can build a sustainable and accountable compliance program. Leia shares practical strategies for holding your MSP or MSSP accountable, including the use of Customer Responsibility Matrices (CRMs), quarterly compliance check-ins, and risk management meetings. She highlights how even small oversights—like forgotten test accounts or misassigned user access—can break compliance, and explains how documentation and communication keep programs audit-ready. Filmed live at CUICON 2025, this episode offers advice for contractors looking to take ownership of their cybersecurity posture — without assuming their vendors have it all covered. Watch the full Episode on YouTube.

Jun 5, 2025 · 14 min

S2 Ep 16: Culture, Accountability & the CMMC Journey

In this episode of the Cuick 10 Podcast, Derek White, Chief Operating Officer of Cuick Trac, is joined by Mark Berman, CEO of FutureFeed, for a live conversation from CUICON 2025 in Tampa. Mark shares insights into how FutureFeed’s approach to CMMC goes beyond checklists, emphasizing cultural change, documentation, and accountability. They explore why the RACI model is key to operationalizing security and how middle management often leads the charge in educating leadership. Mark also previews CEIC West 2025—including the popular pre-conference CCP training.

Jun 3, 2025 · 11 min

S2 Ep 14AI, Compliance & CUI: What Defense Contractors Need to Know

In this episode of the Cuick 10 Podcast, Derek White, Chief Operating Officer of Cuick Trac, is joined by Carley Salmon, Senior Security Specialist at Microsoft Federal, to discuss the intersection of AI, compliance, and CUI protection.Carley shares insight from her experience at DCMA, DIBCAC, and Microsoft, focusing on what organizations need to know about using generative AI tools like Copilot in regulated environments. She explains why labeling and access control are more critical than ever — and how security, not just productivity, needs to drive adoption in the defense space.Watch the full Episode on YouTube: https://www.cuicktrac.com/cuick-10-podcast/

May 29, 2025 · 19 min

S2 Ep 15: Meeting the Moment: Microsoft, AI & Security in the Defense Ecosystem

In this episode of the Cuick 10 Podcast, Derek White, Chief Operating Officer of Cuick Trac, is joined by Vishal Amin, General Manager of Security Solutions at Microsoft, to discuss how Microsoft is helping the defense community navigate rapid changes in security, compliance, and AI innovation. Recorded live at CUICON 2025, Vishal explores the role of GCC High, Microsoft Sentinel, and security automation in supporting both large integrators and SMBs across the Defense Industrial Base. He shares how partnerships, platforms, and AI-driven tools are converging to enhance threat detection and compliance readiness in a dynamic threat landscape. Watch the full episode on YouTube.

May 29, 2025 · 9 min

S2 Ep 13: Legal Reality Check: CMMC's Day-One Impact

In this episode of the Cuick 10 Podcast, filmed live at #CUICON 2025, Derek White, Chief Operating Officer of Cuick Trac, is joined by Eric Crusius, Partner and Government Contracts Practice Chair at Hunton Andrews Kurth LLP, to talk about what CMMC “Day One” really means from a contracts and legal perspective. Eric explains how compliance expectations shift once the rule is finalized — including the shift away from lenient SPRS self-assessments and toward mandatory control coverage with limited room for POA&Ms. He also shares why your system security plan is one of the most important compliance documents you’ll ever create, and how legal missteps are likely to be enforced going forward. Watch the full episode on YouTube: https://www.cuicktrac.com/cuick-10-podcast/

May 13, 2025 · 9 min

S2 Ep 12: Consultants, Compliance, and the Truth About Turnkey

In this episode of the Cuick 10 Podcast, recorded live at #CUICON 2025, Derek White, Chief Operating Officer of Cuick Trac, is joined by Amanda Adams, Founder & CEO of GSec LLC, to talk about what really goes into supporting organizations through the CMMC journey. Amanda shares her perspective as a longtime RMF practitioner and consultant, offering insight into the realities of documentation, scoping, and the evolving ecosystem. She also addresses the misconception that CMMC is something you can “buy off the shelf” — and why organizations need both education and flexibility to do it right. Watch the full episode on YouTube: https://www.cuicktrac.com/cuick-10-podcast/

May 6, 2025 · 8 min

S2 Ep 11: CMMC at Scale: Securing Enterprise & Supply Chain

In this episode of the Cuick 10 Podcast, filmed live at #CUICON 2025, Derek White, Chief Operating Officer of Cuick Trac, is joined by Chuck Orlowski, BISO/CISO at GE Vernova, to discuss the challenges of managing CMMC compliance at enterprise scale. Chuck shares how his team is driving cultural change across one of the world’s largest energy portfolios while tackling CMMC readiness internally and throughout their supply chain. He speaks candidly about what’s still unclear from the DoD, the risks of ignoring contract implications, and why smaller contractors need shared solutions to survive the cybersecurity demands being pushed downstream. Watch the full episode on YouTube: https://www.cuicktrac.com/cuick-10-podcast/

Apr 29, 2025 · 15 min

S2 Ep 10: CMMC Assessments Are Here: What You Need to Know

In this episode of the Cuick 10 Podcast, filmed live at #CUICON 2025, Derek White, Chief Operating Officer of Cuick Trac, is joined by Fernando Machado, Managing Principal and CISO at CyberSec Investments, to share lessons from the first wave of official CMMC Level 2 assessments. Fernando explains how the landscape has changed now that C3PAOs are actively certifying OSCs, what contractors should expect during scheduling, and what happens if you’re not ready. He also addresses the nuances around significant changes to a system post-certification — and what still needs clarification from the DoD. Watch the full episode on YouTube: https://www.cuicktrac.com/cuick-10-podcast/

Apr 22, 2025 · 8 min