BEMO
Trust Issues
For decades, government contractors and regulated SMBs have been trapped inside compliance checkboxes - it's time for change. They’re on the lookout for real security solutions, and Trust Issues is where that conversation begins. Produced by BEMO and hosted by Bruno Lecoq, the show pulls back the curtain on what’s actually happening inside the CMMC, GRC, and cybersecurity ecosystem. Each episode brings together auditors, implementers, GRC platforms, and business leaders to unpack CMMC, zero trust, and modern security. With every conversation, we decode the “industry drama” and explore what it...
Where to listen?
Podcasts in the app Replaio Radio Coming soonPodcasts are coming to the app soon. Install now and be the first to see a whole new take on podcasts
Episodes
The CMMC Mistake That Could Cost You Twice. 07.07.2026 27:08
Mock audits are not just a nice-to-have before CMMC certification. They can be the difference between catching a fixable issue early and paying full price to start over. In this episode of Trust Issues, Brandon and Bruno Lecoq welcome Cindy Oliveto, Senior Director, Operations at BEMO, back to the show to talk through why mock audits matter, what they reveal, and why CMMC success depends on the wh...
Why CMMC became necessary in the first place. 30.06.2026 55:33
CMMC did not appear overnight - it followed more than a decade of cybersecurity requirements, industry resistance, weak self-assessments, and contractors claiming compliance without doing the work. In this episode of Trust Issues, Brandon and Bruno Lecoq hear from Stacy Bostjanick, VP of Government Services Strategy at Cybersec Investments and former Director of CMMC Policy at the Pentagon, on why...
Has CMMC Changed Cybersecurity Culture Forever? 23.06.2026 31:58
Being CMMC-ready isn’t just about having your paperwork in order. It’s about having a security culture that’s ready for change. In this episode of Trust Issues, Brandon and Bruno Lecoq welcome Karen Connor, Founder of ReThinQ Labs and cybersecurity compliance expert, to unpack the kind of culture that sets organizations up for CMMC success. They explore why most organizations fail their assessment...
The four phases of a CMMC assessment 16.06.2026 51:10
Norris Carden joins the show to discuss the realities of becoming a certified defense contractor. He shares how his journey from broadcast journalism to the front lines of cybersecurity informs his perspective on auditing. This discussion explores the critical components of a successful assessment and why skipping steps can lead to immediate failure.
Treat AI agents like human employees 09.06.2026 40:33
AI is moving at lightning speed, and your organization's security must be ready to keep up. In this episode of Trust Issues by BEMO, hosts Bruno and Brandon reveal a battle-tested four-phase maturity model to transform AI from a hidden risk into a secure asset. Tune in to discover the hidden truth about shadow AI in your environment and learn how to prepare for the inevitable shift toward ISO 4200...
The Evolution and Enforcement of CMMC with Jacob Anderson 02.06.2026 32:39
Join Jacob Anderson, founder of Beyond Ordinary Software Solutions, as he explores the fundamental shift in the defense industrial base from self-reporting to rigorous enforcement under CMMC. This episode examines the evolution of compliance tools like Cyber Sam and why small businesses often fail their audits by ignoring physical access requirements. Jacob breaks down the reality of building a li...
CMMC Is Basically an IRS Audit (Here's What We Learned) 26.05.2026 36:03
The phrase “Third time’s the charm” gets a makeover in the latest episode of Trust Issues as Brandon and Bruno Lecoq take us behind the scenes of BEMO’s journey to CMMC success and how they finally cracked it on their fourth try. Hear from their rockstar team - Cindy, David, Ademar, Cata, Bruno, Shamiso, and Sylwia - about the critical decisions, surprising challenges, and hard-won lessons that de...
How BEMO Aced CMMC Level 2 19.05.2026 42:01
Getting CMMC Level 2 certified isn't about checking a box. It's about fundamentally transforming how your organization operates, and the path to certification is far more rigorous than most companies anticipate. In this episode of Trust Issues, Brandon and Bruno Lecoq share their firsthand experience achieving CMMC Level 2 certification as an MSSP, walking through the mock audit process, the docum...
Security Lessons from a Microsoft Veteran 12.05.2026 24:09
Dive into the evolving world of cybersecurity and compliance with Bruno Lecoq and Brandon Lecoq. This episode uncovers the reality of securing your organization using a streamlined Microsoft approach and why proper implementation takes dedication. Discover the hidden risks of ignoring basic security protocols and how continuous monitoring can protect your business from unseen threats.
This CMMC Myth Is Costing You $200K a Year 05.05.2026 36:32
What if your CMMC compliance could be built on proven experience rather than guesswork? In this episode of Trust Issues, Brandon sits down with Nicholas Bakewell, Director of Information Security at Acuris Aerospace and Lead CCA at Redwood Cyber Services, to explore what CMMC compliance actually looks like from the inside, how to move from documentation theater to real security, and why the first...
The CMMC Myth That's Costing SMBs Millions 28.04.2026 47:37
The CMMC journey is a lot harder than people think it is, and we’re unpacking the truth on this episode of Trust Issues. Tune in as hosts Brandon and Bruno Lecoq sit down with Raymond King, Senior Customer Success Manager at BEMO, to unpack the real CMMC compliance journey - from the initial self-assessment through final audit. Raymond reveals why most companies dramatically underestimate the work...
The CMMC Trap: Why Certification Isn’t Compliance 21.04.2026 38:17
Discipline is the difference between winning and losing - even in the world of security and compliance. In this episode of Trust Issues, hosts Brandon and Bruno Lecoq welcome Cindy Oliveto, Senior Director of Operations at BEMO, to break down why government contractors struggle with certification, how to avoid the "checkbox trap,” and why automation and clear ownership are non-negotiable for real...
Why Security Complacency is the CEO's Greatest Mistake 14.04.2026 22:22
You wouldn’t drive a car without insurance, would you? Then why run a company without giving security the utmost thought? In this episode of Trust Issues, Brandon Lecoq and Bruno Lecoq, CEO/CISO at BEMO, confront the uncomfortable truth about cybersecurity in SMBs: size doesn't determine risk, security hygiene does. Drawing on real-world attacks from BEMO's 478-client base, Bruno shares critical M...
BEMO’s Blueprint for the CMMC Revolution 07.04.2026 51:25
Security may never be 100% foolproof, but that’s no reason to stop striving for it. In this episode of *Trust Issues* by BEMO, hosts Bruno Lecoq, CEO and CISO, and Brandon Lecoq, Head of Sales, team up for an eye-opening conversation that cuts through the noise of compliance and security. Together, they tackle why checking compliance boxes isn’t the same as being secure, how a Microsoft-centric ar...
Your Compliance Report Might Be Worthless 31.03.2026 25:56
Reports of a widespread SOC 2 fraud scheme have exposed the dangerous gap between “compliance theater” and REAL security, forcing the industry to reckon with the cost of cutting corners. In the debut episode of the Trust Issues podcast, host Brandon Lecoq welcomes Joseph Candelario, Business Development, Partnerships and Marketing Executive at BEMO, to discuss an emerging fraud scheme involving a...
Trust Issues Trailer 27.03.2026 0:59
Compliance has a trust problem. Everyone says they can get you certified. Everyone claims to be “security-first.” And yet, breaches still happen, systems fail, and data is lost. So what’s actually going on? Trust Issues is the podcast where we unpack what real security looks like, beyond the checkboxes, buzzwords, and sales pitches. We sit down with auditors, implementers, GRC platforms, and indus...
Why CMMC Matters: A Deep Dive into Security Standards 28.11.2025 41:13
Why are so many DoD contractors shocked by CMMC… when the security requirements have been around for almost a decade? 😅We break down what’s actually driving the panic: companies realizing they’ve skipped years of basic security work. No MFA. No Intune. Still on GoDaddy. Still on Microsoft Business Basic. Still trusting that “nobody will check.” And now that third-party audits are here, the bill i...
Outsourcing Compliance: When and Why It Makes Sense 21.11.2025 40:25
If you’ve ever wondered whether you should handle compliance in-house or call in experts, this episode gives you the honest, behind-the-scenes breakdown. In this episode, Brandon and Joseph break down the real reasons companies decide to outsource compliance—and why it’s often the smartest move you can make when revenue, timelines, and focus are on the line.
Smart Compliance Tip 2: Know When to Outsource 14.11.2025 23:38
Compliance doesn’t have to drain your time (or sanity). One of the biggest challenges for growing teams is knowing when to outsource compliance. If your internal team is stretched thin, or you’re just starting to think about frameworks like SOC 2 or ISO 27001, outsourcing to a Managed Security and Compliance Provider (MSSP) or consultant might be your best move.
Smart Compliance Tip 1: Understand Business Impact 07.11.2025 28:19
We kick off our Smart Compliance Tips series with an important mindset shift: understanding your business impact. Too often, IT managers and tech staff are handed compliance tasks simply because leadership assumes “it’s an IT thing.” But compliance is a business-wide responsibility — one that affects revenue, ROI, and company growth. When you start thinking in business terms — metrics, risk, and o...
The Compliance Checklist Mentality - A Growing Problem 31.10.2025 27:53
Still treating compliance like a checklist? 😬 It’s time to break the habit. In this episode of Trust Issues, Joseph and Brandon tackle the growing concerns surrounding compliance in the tech industry, particularly focusing on the checklist mentality that's infiltrating the SOC 2 certification process. We explore how this approach, pressures auditing firms and companies alike to cut corners an...
You Bought a GRC Platform...Now What? 24.10.2025 16:37
Getting compliant takes more than just buying a tool. In this episode of Trust Issues, Joseph and Brandon break down a major misconception in the compliance world: thinking a GRC platform will HANDLE compliance for you. Spoiler alert: it won’t. They discuss why GRC software is just the starting point, not the finish line. It helps you understand where you stand, but it won’t implement controls, wr...
Similar podcasts
Replaio is not a podcast publisher; show names, artwork and audio belong to their authors and are distributed through public RSS feeds.