At CS5 2025, Dave Gardy from Cybersecurity TV catches up with Dr. Thomas Graham, VP and CISO at Redspin — one of the first Authorized C3PAOs for CMMC.
In this fast, no-fluff chat, Dr. Graham explains why “words mean something” in compliance — and how the right documentation can make or break your certification. Highlights:
-
Who Redspin is and what sets them apart in the CMMC space
-
The current assessment schedule and why it’s go-time for contractors
-
Redspin’s infamous “Compliance Confession Wall”
-
The biggest mistakes orgs make (hint: documentation isn’t just paperwork)
-
Why your SSP should show how you do it — not just say you do
Book a meeting to get CMMC certified with Redspin: