CMMC

2022 Virtual CMMC Summit

Below, please find the recordings and slide decks for each of the sessions.

Keynote: State of the Union for CMMC

Speakers:
Stacy Bostjanick CMMC Program Head, U.S. Department of Defense
William Spence Team Chief @ Defense Industrial Base Cybersecurity Assessment Center (DIBCAC)
Jennifer Henderson Cybersecurity Specialist/ Future Operations @ DIBCAC
 
Overview:
Stacy provided participants with an update on the CMMC program’s timeline as well as information on the steps defense contractors need to take to be ready for CMMC’s rollout in 2023.
 
William and Jennifer will provide an overview of what DIBCAC will expect from defense contractors need to pass voluntary assessments today and CMMC assessments in 2023. Here is a link to their slide deck.

Back to top

 

 

 

Legal Requirements for Meeting the NIST and CMMC Compliance Standards

Speaker:
Robert Metzger Partner @ RJO; Co-author of MITRE “Deliver Uncompromised” Report
 
Overview:
In his session, Robert provided participants with an in-depth understanding of their legal obligations to meet the NIST and CMMC compliance standards today and the implications of failing to meet them.

Back to top

 

 

 

Lessons from C3PAOs on Voluntary Assessments

Speakers:
Stacy High-Brinkley– CISO @ Cask (Authorized C3PAO)
Stuart Itkin– VP CMMC and FedRAMP Assurance @ Coalfire Federal (Authorized C3PAO)
Marci Womack– CMMC Provisional Assessor & CMMC Lead @ Schellman (Authorized C3PAO)
Robert Teague – Manager CMMC Services @ Redspin (Authorized C3PAO)
 
Overview:
 
In this session, four C3PAOs shared the lessons they learned from conducting some of the first Voluntary Assessments on defense contractors. In addition these C3PAOs shared important take aways for defense contractors in upcoming CMMC assessments.
 

 

 

Achieving CMMC Compliance – Primes’ Expectations for their Subcontractors

Speakers:
JC Dodson – VP & Chief Security Officer, BAE Systems
 
Overview:
 
This session provided insights from JC Dodson (VP & Chief Security Office, BAE Systems) on the compliance expectations Prime contractors like BAE have for their subcontractors. In addition, it looked at the consequences and repercussions defense contractors can face should they have low SPRS scores, fail to file an SPRS score or suffer a cyber incident and have not made adequate plans for Incident Response or meeting their DFARS c-g requirements.

Back to top

 

 

 

Master Class in Compliance with Jill Lawson

Speaker:
Jill Lawson – DoD Acquisition Policy Specialist
 
Overview:
 
Jill was instrumental in providing important feedback on the initial drafts of the CMMC standard. In addition, Jill has over 30 years of contracting experience in the DoD. She will bring this wealth of experience to her Master Class where she will help participants understand key compliance drivers and how they can facilitate meeting their CMMC compliance requirements.

Back to top

 

 

 

An Accelerated Path to CMMC Compliance

Speakers:
Ted Steffan – Lead Compliance Acceleration @ Amazon Web Services (AWS)
Matt Majot – Director @ ComplyUp
Jose Neto – Founder, PC Warriors
 
Ted Steffan, Matt Majot and Jose Neto delivered a tactical session to help defense contractors understand a practical path to accelerating their CMMC compliance obligations and preparing for DoD assessments. Their session brought together many of the themes of the CMMC Day, focusing on how contractors can get started on their DFARS 7012 and NIST 800-171 compliance, how Governance, Risk & Compliance (GRC) tools can help organize compliance efforts and what tools are available to help them protect their CUI.Here is a link to the slide deck.

Back to top

 

 

 

Master Class in Compliance with Ryan Bonner

Speakers:
Ryan Bonner – Founder & CEO @ DEFCERT
 
Ryan Bonner – a sought after speaker on NIST 800-171, CMMC and DFARS 7012 compliance – enabled attendees to understand how they should prepare for a rigorous assessment of their organization. Here is a link to his slide deck.

Back to top

 

 

 

What you need to know about CMMC & NIST 800 171

Speakers:
John Verry – CISO & Managing Partner, Pivot Point Security
Tony Bai – Director – Federal Practice Lead, A-Lign
Joe Chavarria – CEO Total Cyber Solutions
 
John, Tony and Joe have deep experience in advising contractors on how to meet their NIST 800-171 and CMMC compliance standards. In this session they provided attendees with an explanation of the two standards, how they overlap and how they are different.

Back to top

 

 

 

Achieving ITAR Compliance with End-to-End Encryption

Speakers:
Matt Henson Global Trade Solutions Orchestrator @ TC Engine
Alex Major Partner & Co-Leader, Government Contracts and Global Trade Group @ McCarter & English, LLP
 
Matt and Alex will discuss the updates to ITAR compliance regulations that permit the use of end-to-end encryption and how these updates facilitate compliance. Here is a link to their slide deck.

Back to top

 

 

 

A Master Class in Secure Enclave

Speakers:
Scott Singer President @ CyberNINES, Authorized C3PAO
 
One of the most important ways in which defense contractors can facilitate their compliance is by limiting the scope of who has access to their Controlled Unclassified Information (CUI). This is referred to as a secure enclave. Scott Singer, President of CyberNINES, an authorized C3PAO, as well as a CMMC Registered Practitioner, explains in this session how a secure enclave works and how creating one saves time and money as well as minimizing complexity. Here is a link to the slide deck.

Back to top