This episode is for informational purposes only and does not constitute legal advice.

In this episode, I break down why building a trusted ecosystem of vendors, consultants, peers, and industry voices is essential to managing both cost and risk in today’s regulatory environment.

I walk through how to properly vet each component of that ecosystem and what to look for, what to avoid, and where organizations consistently get it wrong. From evaluating vendor capabilities and consultant credentials to leveraging peer insights without falling into echo chambers, this episode focuses on practical, defensible decision-making.

The goal is not to outsource responsibility, but to build a network that strengthens your governance model, reduces unnecessary spend, and positions your organization for sustainable compliance.

If you are trying to navigate CMMC, NIST 800-171, or broader regulatory expectations without overspending this episode provides a structured approach to doing it right.

The NICE Cyber Workforce Framework can be found here: https://niccs.cisa.gov/tools/nice-framework

In this special edition of Ooey Cooey, Leslie Weinstein—a recent graduate of the University of Baltimore School of Law—shares her firsthand experience taking the February 2026 Maryland UBE while it is still fresh. This episode is dedicated to her UBalt Law friends preparing for their own exam and is designed to reduce anxiety through practical insight and perspective

Bar Exam Episode

Leslie walks through:

• What to expect on exam day (location logistics, timing realities, laptop software surprises, and practical packing tips)
• The structure of the UBE (MPT, essays, and a full day of 200 multiple-choice questions)
• Study reflections, including her experience with Themis and how bar exam questions compared to prep materials
• Tactical multiple-choice strategies—especially spotting standards of review and reading the call of the question carefully
• High-yield doctrinal refreshers across Civil Procedure, Criminal Law, Contracts, Property, and Torts
• Nuanced distinctions that frequently appear on the exam (e.g., larceny by trick vs. false pretenses vs. embezzlement; impleader vs. interpleader vs. intervention; strict vs. intermediate vs. rational basis review)

The episode closes with perspective: the bar exam is significant, but it is not destiny. Regardless of outcome, your professional future remains intact.

A candid, structured, and practical debrief for law students who want clarity, reassurance, and a focused reminder of what actually matters when walking into the Uniform Bar Exam.

If you are considering entering the Department of Defense market—or you are already in it but hoping CMMC might quietly go away—this episode is for you.

In this foundational discussion, I break down:

• What CMMC actually is (and what it is not)
• How CMMC relates to DFARS 252.204-7012 and NIST SP 800-171
• When CMMC applies—and when it does not
• Why there is no universal CMMC deadline
• What “condition precedent to award” really means
• How scoping decisions materially impact cost and audit burden

In this episode, I also examine the phased implementation timeline, the contracting officer’s discretion in including CMMC requirements, and the structural realities of the C3PAO ecosystem that influence assessment cost and availability.

Bottom line:
CMMC is a DoD acquisition requirement designed to verify implementation of NIST SP 800-171. It becomes binding when it appears in your solicitation or contract—and it follows the flow of DoD information within your environment, not necessarily your entire enterprise.

If you work with DoD information—or are considering entering that market—strategic scoping and early planning are not optional.

Connect with me on LinkedIn, and if this episode clarified something for you, share it with your work bestie.

And remember—don’t say “cooey.” It’s ooey.