Cloud Security & Compliance Unveiled: A Recap of GRC Academy’s Podcast

In this latest GRC Academy podcast, founder Jacob Hill chats with Deltek’s Cloud & Cybersecurity Product Marketing Manager, Michael Greenman, about cybersecurity compliance requirements for government contractors−specifically, those working with the Department of Defense (DoD) regarding CMMC and the role that cloud service providers (CSPs) like Deltek play in the process.

The GRC Academy is a training and research platform designed to educate anyone who wants to increase their knowledge on governance, risk and compliance. In this episode, Jacob and Michael talk about why demonstrating security requirements for compliance can be confusing and misleading and how Deltek provides abundant evidence about its cloud security posture to customers so they can independently verify these claims. Focusing on why customers need to know what's inherited, what's shared, and what's the customer's sole responsibility when it comes to compliance.

The two also discussed the origins of CMMC and how it enforces the requirements of Defense Contract Clause DFARS 252.204-7012 by certification of cybersecurity maturity and how the DoD can make vetting of cloud providers easier for assessors. Noting, once CMMC is fully operational and enforcement starts, Deltek customers will be in good hands because of the investment and work done over the past few years.

Tune into the GRC Academy Podcast to listen to the entire interview and learn more about how Deltek’s Cloud helps support cybersecurity compliance for government contractors.