Rich Bates serves as Chief Information Officer at Zeiders Enterprises, a government contractor providing quality-of-life services to the Department of Defense. From embedding counselors aboard Navy ships to supporting military families through financial coaching and suicide prevention, Zeiders operates in a mission-critical environment where compliance and security intersect with human services. With mounting regulations around controlled unclassified information (CUI), Rich’s CIO role now centers on translating evolving cyber mandates—like CMMC—into clear, actionable policy and infrastructure.
At Zeiders, Rich champions both operational security and organizational education, ensuring staff at every level—from call center agents to executives—understand their role in protecting sensitive data. He blends servant leadership with real-world strategies, simplifying complex cybersecurity into practical frameworks that empower employees, reduce risk, and strengthen defense posture.
Here’s a glimpse of what you’ll learn:
- Why CMMC is becoming a critical priority for government contractors
- How to approach audits and assessments with a strategic mindset
- The difference between policies, procedures, and evergreen documentation
- Why enclave environments like GCC High are reshaping contractor infrastructure
- How to communicate cybersecurity risks and best practices to non-technical staff
- Tips for writing a strong System Security Plan (SSP) using NIST and FedRAMP templates
- The growing importance of threat hunting and cyber career paths for young professionals
In this episode…
Rich Bates dives into the reality of federal cybersecurity requirements, offering a grounded look at how CMMC and NIST 800-171 are reshaping government contracting. He shares how Zeiders navigates the “woolly mammoth” of compliance by focusing on policies that are both thorough and adaptable. Rather than bogging down in static documentation, Rich keeps his System Security Plan evergreen, linking out to living procedures that evolve with tools and systems—ensuring agility in audits without sacrificing structure.
For contractors wrestling with cloud and remote work, Rich breaks down the value of enclave environments, particularly Microsoft GCC Moderate and High. He emphasizes that even call centers—once considered too complex for secure remote deployment—are becoming more viable thanks to FedRAMP-approved platforms and integrated encryption. His biggest caution? Don’t let program offices over-secure projects to the point of eliminating good vendors: “If IL2 is good, IL4 isn’t necessarily better—it’s just more restrictive.”
Beyond technical controls, Rich shines in communicating with everyday users. In company-wide standups, he avoids jargon and delivers “news you can use,” like how to create strong, memorable passwords or why phishing emails now look indistinguishable from legitimate ones. He teaches with humor (“I’m going to manufacture a keyboard with a built-in whiteboard for sticky notes”) but his message is serious: cyber starts at the keyboard, and the people behind it matter most.
Finally, Rich offers a compelling call to action for future cybersecurity professionals: focus on threat hunting. He shares why puzzle-solvers, neurodivergent thinkers, and those drawn to pattern analysis are uniquely equipped to succeed in this field. For young people—or parents of kids interested in cyber—he recommends exploring free labs, SANS resources, and even military cyber commands as a launchpad into the world of defense-grade cybersecurity.
Resources mentioned in this episode:
Matthew Connor on LinkedInCyberLynx
Rich Bates on LinkedIn
Zeiders Website
Sponsor for this episode...
This episode is brought to you by CyberLynx.com
CyberL-Y-N-X.com.
CyberLynx is a complete technology solution provider to ensure your business has the most reliable and professional IT service.
The bottom line is we help protect you from cyber attacks, malware attacks, and the dreaded Dark Web.
Our professional support includes managed IT services, IT help desk services, cybersecurity services, data backup and recovery, and VoIP services. Our reputable and experienced team, quick response time, and hassle-free process ensures that clients are 100% satisfied.
To learn more, visit cyberlynx.com, email us at help@cyberlynx.com, or give us a call at 202-996-6600.