Agenda
Times are subject to change.
Keynote
CMMC: Where We Are and What to Expect
Matt Travis
Chief Executive OfficerThe Cyber AB
Underwriter
Spotlight
Industry’s Evolution to Support CMMC and Reduce Supply Chain Risk
As we near the implementation of CMMC, Industry continually realigns itself to support the Defense Industrial Base and increase cyber resilience. The breadth and depth of offerings for advisory, managed services, and purpose-built technology platforms to enable CMMC compliance continues to grow. There are many challenges DIB organizations will have to solve and this growing variety of choice helps accelerate the CMMC journey. One key area of innovation has been GRC platforms tuned manage the CMMC lifecycle. From establishing a baseline, managing remediation efforts and certification assessments, and the ongoing management of cyber risk, GRC platforms provide great value for advisory organizations, managed providers, and Organizations Seeking Certification.
Alex Whitworth
Sales DirectorCarahsoft Technology Corp.
Robert Hill
Founder & CEOCyturus Technologies, Inc.
Panel
The New Rule: What We Know and What's Next
The highly anticipated Title 32 rule that will govern CMMC is under review at the Office of Management and Budget’s Office of Information and Regulatory Affairs, and could be released within days of this summit. This expert panel will discuss the latest developments, the timeline for actual implementation and the near-term implications for the Defense Industrial Base.
Bob Metzger
ChairCybersecurity and Privacy Practice Group
Jack Wilmer
Chief Executive OfficerCore4ce
Nick Wakeman
Editor-in-ChiefWashington Technology
Underwriter
Breakout Session
Minimizing the Burden of Security & Compliance with Automated Evidence Collection
Automated security and compliance evaluation through real-time analytics and continuous monitoring reduces the burden of attaining and maintaining compliance by over 50%. By automating DFARS and CMMC, along with other NIST compliance efforts, we enable the Defense Industrial Base (DIB), critical infrastructure organizations, and other forward-looking organizations to strengthen their compliance and security posture.
Jim Barge
CEO and Founding PartnerSP6
George Perezdiaz
Practice Leader, Cyber Risk and ComplianceSP6
Underwriter
Breakout Session
The View of CMMC from One Corner of the DoD Defense Industrial Base
What is it like to be part of the defense industrial base (DIB) but with a huge worldwide set of customers, partners, and integrators that you work with? CMMC is born of legitimate concerns about the cyber security for the DIB. The supply chain represents an enormous, complex variety of products, partners, integrators and other providers. We're going to examine some of the requirements that have flowed down and from the perspective of a technology and IT provider and vendor that services the DoD. We'll go into the impacts, how we are handling and processes the application of CMMC to our environments, how it overlaps with existing & continuous efforts to improve our cyber posture. We'll also look at where commonalities lie and can be leveraged with other efforts around supply chain and security to improve the state of the art for all.
John Dvorak
Chief Technology Officer, North America PublicRed Hat
Underwriter
Breakout Session
Securing the Future: Google Cloud's AI-Powered Approach to Security and Compliance
In today's data-driven world, the need for robust cybersecurity measures is more critical than ever. In this breakout session, attendees will learn how Google Cloud's comprehensive security solutions can help their organizations achieve and maintain CMMC compliance. We will review Google Cloud's commitment to security and Responsible AI in the public sector. We will also discuss how Google Cloud's security solutions help public sector entities protect sensitive data while ensuring that your AI projects are aligned with your ethical and compliance obligations.
Matt Ashton
Partner, Solutions EngineerGoogle Cloud
Breakout Session
Legal Considerations
In this session, attorney Michael Gruden joins Washington Technology for a closer look at the legal considerations and associated risks of working in CMMC. Topics include risk assessment and management, supply chain considerations, and working with the defense industrial base on proper cloud service and FEDRAMP certification.
Michael Gruden
CounselCrowell & Moring LLP
Breakout Session
What to Expect in CMMC L3: Breaking Down NIST 800-172 from an Assessor's Perspective
With CMMC rulemaking progressing and the pending draft CMMC documentation updates, the CMMC ecosystem is learning what may come with CMMC L3 based on NIST 800-172. In this session, Schellman CMMC Practice Leaders and SMEs Marci Womack and Tim Walsh will provide the assessor's perspective on the 172 requirements, what assessors will be looking for from OSCs when assessing the requirements, considerations for testing, and potentially impactful new requirements to be prepared for.
Marci Womack
Director, Federal PracticeSchellman
Tim Walsh
Manager, Federal PracticeSchellman
Breakout Session
Coaching to Operationalize Your CMMC Program
Tony Buenger (CCISO, CISSP, CISM, CGEIT)
Vice President, Cyber Advisory ServicesSecureStrux, LLC
Breakout Session
Supply Chain Risk from the Prime's Perspective
A perspective on the importance of understanding the risks in your supply chain, what are the right questions to ask, how to conduct surveys or otherwise understand their CMMC readiness, and share examples. This will include sharing summary information about JCFS' survey results.
Amit Reizes, P.E., CISSP, MBA
Director - Information Technology Security & ComplianceJohnson Controls Federal Systems
Matt Gilbert, CISA, CRISC
PrincipalBaker Tilly
Breakout Session
Vetting your MSPs
Join us for a session dedicated to helping Organizations Seeking Certification (OSCs) make well-informed decisions when vetting Managed Service Providers (MSPs) for their CMMC requirements.
Read MoreDr. Thomas Graham, CISSP, MBA, CCA/PI
VP and CISORedspin
Tara Lemiuex, PA/PI/CCP/CCA/ISO
Lead Auditor, CMMC ConsultantRedspin
Underwriter
Main Stage
Understanding CUI, FCI, and ITAR
In this session, Matt Travis, CEO of The Cyber AB, will address some of the common misperceptions about CUI, FCI, and ITAR and what both industry and government needs to do on this front in order to enable CMMC success.
Matt Travis
Chief Executive OfficerThe Cyber AB
Main Stage
CMMC for the Small Business
Helping small business get beyond the fear, uncertainty, and doubt (FUD) to understand CMMC and set realistic expectations.
Read MoreEmery Csulak
vCISO and Director of Cybersecurity ComplianceBoston Government Services, LLC (BGS)
Underwriter
Main Stage
CMMC Enclaves: Will They Work for My Company?
Join Daniel Akridge to explore the most common questions that need to be answered to determine if a CMMC Enclave is a good fit for your organization.
Daniel Akridge
Director of EngagementSummit 7 Systems
Main Stage
Leveraging CMMC for Maximum Value
CMMC preparation is not in a silo, nor is it a sunk cost. Many CMMC requirements overlap with other compliance regimes, so meeting them can kill two -- or more -- birds with one stone. This session will explain how CMMC provides value beyond its core scope of securely doing business with DOD.
Don MacLean
IndependentConsultant
Main Stage
Go ahead. Click on it
Every purchase decision is a security decision. HP makes the world’s most secure PCs, and I can tell you how.
Andy Levitt
Security Sales PrincipalHP Inc.
Main Stage
SP 800-171 (rev 3)
NIST Special Publication 800-171 plays a foundational role in the CMMC Ecosystem, and the latest revision – currently in Initial Public Draft stage – is a road map for how organizations should approach their controlled unclassified information. This conversation with NIST leaders will detail the most important guidelines in SP 800-171 for organizations looking to lay the groundwork for CMMC certification.
Victoria Yan Pillitteri
Manager, Security Engineering & Risk Management GroupNIST
Troy Schneider
PresidentGovExec 360