Speakers

Daniel Akridge is the Director of Engagement at Summit 7. In this role he assists DoD Contractors in achieving DFARS 7012, CMMC, and ITAR Compliance by leveraging the Microsoft Government Cloud. Summit 7 is a recent Microsoft Partner Award Winner for Compliance and has over 750 Defense Industrial Base suppliers as customers.

Matt Ashton is a Google Cloud Partner Evangelist and Engineer with over 10 years of experience supporting Public Sector networking, security,and hybrid cloud projects.

Matt is passionate about helping organizations strengthen their network security posture and modernize their IT/OTinfrastructure. Matt has a deep understanding of Federal best practices in network observability, hybrid- and multi-cloud, Zero Trust security, and big data analytics.

Matt is a frequent speaker at industry events and has published several blogs and virtual webinars on cloud computing and security.

Jim Barge is the CEO and founding partner of SP6. Directly involved in all aspects of overseeing development amongst his organization, Jim’s efforts have cultivated a team of experienced professionals dedicated to leveraging elite services and solutions.

With over 25 years of experience in IT security services, Jim’s dedication lies in serving organizations where they need it most. From this passion, SP6’s core mission is to bridge the gaps between security analytics and cyber compliance. Beyond service, Jim has facilitated the development of ASCERA, a cyber compliance tool that automates evidence collection and reporting.

At SP6, Jim’s leadership exemplifies an integrity-first approach. Taking inspiration from the valor of Navy Seals, SP6’s core values encourage team members to push beyond their limits and discover new ways to improve themselves personally and professionally.

Tony is originally from Baltimore, Maryland.  He received his Bachelor of Science in Electrical Engineering from the University of Maryland via an Air Force ROTC scholarship. In 2007, he retired from the Air Force after 22 years of service and has over 25 years of experience in the information technology and cyber security arenas.   

Tony has fulfilled various roles, from information system security manager, NIST certifying authority for the USAF, CISO at hospitals and higher education institutions, and cyber security consultant.  During his 8 years working FISMA for the USAF, he worked on a tiger team to convert the USAF from a DoD static compliance-based framework (DIACAP) to the risk-based NIST Risk Management Framework (RMF).  Tony was previously with Redspin and co-led the effort to become the first Authorized CMMC 3rd Party Assessment Organization to achieve formal CMMC Certification.  Tony is unique in this regard as he has led SecureStrux, LLC to achieve CMMC Certification to become an Authorized C3PAO, making this his second time passing a CMMC Assessment.

Tony has been involved with the CMMC Ecosystem since nearly day one.  Tony is a CMMC Provisional Instructor (PI), CMMC Certified Professional (CCP), and Certified CMMC Assessor (CCA). Tony graduated from the first CMMC Provisional Assessor (PA) training course in 2020.  He has actively participated in working groups on behalf of the Cyber AB to improve the CMMC Ecosystem, including developing the exam objectives for the Certified CMMC Professional (CCP) and Certified CMMC Assessor (CCA) credentials.

Tony is an experienced instructor within cybersecurity, fulfilling roles such as full-time military faculty teaching master’s degree information security courses at the National Defense University, adjunct instructor and co-developer of the master's degree level cyber security program at Auburn University-Montgomery, and lead faculty chair for cyber security and networking at the University of Phoenix. 

He has multiple certifications in information security, security management, and enterprise information technology, including the Certified Chief Information Security Officer (CCISO), Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), and Certified in Governance of Enterprise Information Technology (CGEIT). 

Mr. Csulak possesses extensive experience performing cybersecurity compliance, strategy development, and policy implementation in government and industry roles. He is currently serving as vCISO and the Director of Cybersecurity Compliance at Boston Government Services, LLC (BGS). He is assisting businesses in addressing their Cybersecurity Maturity Model Certification (CMMC) compliance goals and addressing cyber organizational strategic goals. 

Mr. Csulak served in government senior roles including the federal Chief Information Security Officer (CISO) for the Department of Energy (DOE), CISO and Senior Privacy Official for the Centers for Medicare and Medicaid Services (CMS), as well as the Deputy CISO/Acting CISO for the Department of Homeland Security (DHS). He co-chaired the Health Care Industry Cybersecurity Task Force in 2017 to analyze the challenges the health care sector faces when securing and protecting against cybersecurity incidents. While serving as the DHS representative, he was a founding member of the Federal Risk and Authorization Management Program (FedRAMP) for cloud computing adoption and security authorization within the federal government.

John Dvorak is Chief Technology Officer for the North America Public Sector at Red Hat. He leads a team of experienced Chief Architects and open source thought leaders who focus on the diverse mission requirements of Federal, State, Local, and Education customers. His team helps to shape and communicate the Red Hat technology vision; co-innovates with customers, partners, and associates; and advocates for Public Sector interests within Red Hat and Open Source communities.

Dvorak has spent over 25 years as a technology leader in the Federal Government and industry. He is a former FBI Senior Executive who led efforts in data analytics, enterprise engineering, and software development within the law enforcement and intelligence communities. He began his civil service at the National Institutes of Health (NIH), where he oversaw network engineering and drove several cybersecurity modernization efforts. Prior to joining Red Hat, he served in Chief Information Officer (CIO) and Chief Technology Officer (CTO) roles within the systems integrator community, maintaining a focus on government mission requirements. He maintains active participation in multiple industry and government cooperative forums.

Matt is a principal in Baker Tilly's risk advisory practice. Matt joined Baker Tilly in 2020 . He leads our Cybersecurity Maturity Model Certification (CMMC) and Government Contractor IT Risk suite of services. He has led IT audits and cybersecurity assessments for large primes down to smaller 8A contractors.  Matt’s expertise includes internal auditing, SOX compliance, information technology controls, business process controls, and ERP risk and controls.  Examples of these engagements include CMMC Readiness assessments, 800-171 implementation projects, 800-53 based ATO readiness reviews, IT Risk assessments, Sarbanes-Oxley compliance, internal audit, pre- and post-implementation assessments, and privacy assessments for clients.

Matt is actively engaged in supporting government contractors, grant recipients, state and local governments and federal agencies navigate the CMMC requirements but has extensive experience supporting NIST 800-171 and 800-53 related assessments. Matt has also run fully co-sourced internal audit engagements for large clients (multi-billion dollars in revenues) in the government contracting industry.

Michael G. Gruden, a counsel at Crowell & Moring LLP’s Washington, D.C. office, is a former Pentagon Information Technology Acquisition Branch Chief and a leading cybersecurity lawyer who helps government contractors navigate privacy, cybersecurity, and contract compliance requirements. Drawing from his experience of nearly 15 years at the U.S. Department of Defense and U.S. Department of Homeland Security, Gruden represents some of the nation's largest defense contractors and tech companies as they prepare to meet CMMC requirements and mitigate cyber threats.  Michael is a Certified Information Privacy Professional with a U.S. government concentration (CIPP/G) and a Registered Practitioner under the Cybersecurity Maturity Model Certification (CMMC) framework. Michael serves as co-chair for the ABA Science & Technology Section's Homeland Security Committee.  His relevant experience includes:

• Devising custom strategies to comply with DFARS 252.204-7012, including drafting system security plans (SSPs) and plans of action & milestones (POAMs).
• Counseling clients preparing for certifications at all Levels under the DoD Cybersecurity Maturity Model Certification (CMMC).
• Leading cyber incident response activities including IT forensic investigations, data breach notifications and coordinating regulatory, consumer and state notifications, as appropriate.
• Conducting internal investigations of government contractors, addressing a variety of issues relating to government contracts and cybersecurity requirements.

With over three decades of unparalleled expertise in compliance and risk management, Robert Hill is a visionary leader driving innovation in the industry.  As the Founder and CEO of Cyturus Technologies, Inc, Hill has been instrumental in revolutionizing how Fortune 500 companies navigate complex regulatory landscapes.

Hill's distinguished career has been marked by a relentless commitment to excellence and a deep understanding of corporate compliance intricacies.  His transformative insights have not only shaped the industry's best practices but have also empowered countless organizations to thrive in the face of regulatory challenges.

Throughout his dynamic journey, Hill has been at the forefront of crafting innovative solutions that blend cutting-edge technology and strategic acumen.  His leadership has elevated Cyturus as a trusted partner, guiding companies towards informed decisions, proactive risk management, and regulatory compliance through the integration of their evolutionary SaaS based Continuous Compliance and Risk Management solutions.

Under Hill's visionary guidance, Cyturus has solidified its position as a trailblazer in the unification of the compliance and risk management domains, embodying a commitment to transparency, innovation, and client success.

Tara Lemieux is an internationally recognized cybersecurity expert, speaker and educator. With more than 35 years of experience in the National Defense and Information Security , Tara has established herself as a leading authority on the ever-evolving cyber threat landscape.

Throughout her career, she has provided specialized knowledge and expertise in areas such as cryptography, authentication, cloud security and malware defense. Her understanding of these topics has allowed her to deliver security training sessions to global audiences of both technical and non-technical professionals.

Tara is well-known for developing sophisticated methods to assess risk across a variety of digital assets. She routinely performs vulnerability scans on high-profile federal and commercial information systems, designs incident response plans and participates in computer crime investigations. Her work in this space earned her recognition by organizations worldwide. She is a founding member of the CMMC working groups, and a contributing author to the CMMC Assessment Process

Andy started with Hewlett-Packard company in 1989 as a R&D engineer designing circuit boards for what were then referred to as Mini-Computers. He’s held various engineering, consulting and sales jobs with hp over the last 34 years, and is now the Security Sales Principal for hp’s Federal business. Andy holds a BSEE from Rutgers College of Engineering, and an MSCE from National Technological University. He currently lives in the Navy Yard area of DC, and is trying to convince his wife that they need a dog.

Now an independent consultant, Don Maclean has formerly served as both Chief Compliance Officer and Chief Cybersecurity Technologist, and has also overseen security programs for numerous U.S. Federal agencies, including DOJ, DOL, FAA, FBI, and Treasury.  This experience allowed him to observe the strengths and limitations of traditional cybersecurity defenses.  He holds several certifications including the CMMC Registered Practitioner (RP), and others.  An avid musician, Don frequently organizes concerts for charity every year, and often competes in chess and Shogi (Japanese chess) tournaments. 

Bob Metzger heads the Washington, D.C. office of Rogers Joseph O’Donnell, PC, a firm that has specialized in government contracts for over 40 years. Chambers USA 2023 placed RJO in “Band 2,” among the “Elite” group of government contracts law firms nationwide:

Rogers Joseph O’Donnell is a well-respected government contracting boutique capable of handling a diverse array of federal, state and local procurement mandates on behalf of domestic and foreign clients. Notable litigation and regulatory capabilities, which include internal investigations, false claims proceedings and bid protests. The firm possesses particular expertise in technology matters, regularly representing clients in this space.

Chambers USA 2023 ranked Bob in Band 1 for Government Contracts: Cybersecurity –USA—Nationwide and in Band 2 for Government Contracts – USA – Nationwide and said that he is “routinely called upon by clients for his expertise in cybersecurity matters, assisting clients with high-stakes contract procurements, qui tam litigation and compliance issues.” Chambers reported this Strength: “He is probably the best around in dealing with cybersecurity-related government contract matters.” The Legal 500 describes him as a “key name” and “procurement fraud and national security specialist.”” Who’s Who Legal (2023) identifies Bob as a “Thought Leader – USA – Government Contacts.”

In 2023, Bob is serving as an expert witness hired by a preeminent U.S. law defending its client against potential allegations that cybersecurity practices violated the False Claims Act. He is advising several prominent aerospace and defense and IT firms on cyber compliance matters. Between 2019 – 2021, Bob was Counsel of Record for Microsoft defending the $10 Billion “JEDI” cloud services contract award against a protest at the Court of Federal Claims brought by Amazon Web Services.

Bob is recognized for subject area leadership in cyber, supply chain and related security matters. As a Special Government Employee of the Department of Defense, Bob served on the Defense Science Board task force that produced the “Cyber Supply Chain Report” (April 2017) which subsequently received the SANS Institute “Difference Maker” award. He is a co-author of August 2018 MITRE “Deliver Uncompromised” Report that is widely credited with significant influence on a broad range of security initiatives of the Department of Defense and federal civilian agencies, including the CMMC program. Bob has participated in several other MITRE projects on national security and public policy subjects, with subjects including supply chain illumination, software assurance, ransomware, digital asset crimes and cybersecurity insurance. He was named a 2016 “Federal 100” awardee by Federal Computer Week which cited his “ability to integrate policy, regulation and technology” and said of him: “In 2015, he was at the forefront of the convergence of the supply chain and cybersecurity, and his work continues to influence the strategies of federal entities and companies alike.”

Bob graduated from Georgetown University Law Center where he was an Editor of the Georgetown Law Journal. After law school, he was a Research Fellow at the Center for Science & International Affairs (presently, “Belfer Center”) at the Harvard Kennedy School of Government, where he focused on W. European security. He has many publications and is frequently quoted in media on national security, cyber and supply chain security subjects.

George Perezdiaz is the Cyber Risk and Compliance Practice Leader at SP6. George focuses on assessing and mitigating threats to Controlled Unclassified Information (CUI), Covered Defense Information (CDI), and Federal Contract Information (FCI) through the implementation of secure and resilient controls. George also oversees all NIST Cybersecurity Framework (CSF), Cybersecurity Maturity Model Certification (CMMC), and FedRAMP engagements.

George has over twenty years of cybersecurity experience building, managing, and maintaining cyber risk and compliance programs, performing risk assessments, and developing risk treatment plans. He is a results-driven IT Risk and Compliance Management professional passionate about designing and implementing practical solutions to complex problems. He is a US Air Force veteran and former GS-2210 Civilian with experience supporting the intelligence community, continuity of government operations, and nuclear command and control operations. He has experience designing and maintaining secure information systems for Fortune 500 companies in the specialty material, R&D, aerospace, and defense industries.

Victoria Yan Pillitteri is a supervisory computer scientist in the Computer Security Division at the National Institute of Standards and Technology (NIST). Ms. Pillitteri is the Acting Manager of the Security Engineering and Risk Management Group, and leads the Risk Management Framework team (Federal Information Security Modernization Act (FISMA) Implementation Project). The group conducts the research and development of the suite of risk management guidance used for managing cybersecurity risk in the federal government, and the associated stakeholder outreach and public-private coordination/collaboration efforts. She serves as the lead of the Joint Task Force working group, a partnership with Department of Defense, the Intelligence Community and Civilian Agencies to develop a unified security framework to protect USG from cyberattacks, and is co-chair of the Federal Cybersecurity and Privacy Professionals Forum hosted by NIST. Pillitteri is the co-author of multiple NIST publications, including Special Publications (SP) 800-53, 800-37, 800-171, 800-171A, 800-172, and 800-172A.

MS. Pillitteri holds a B.S. in Electrical Engineering from the University of Maryland, a M.S in Computer Science, with a concentration in Information Assurance, from the George Washington University, completed the Key Executive Leadership Program at American University, and is a Certified Information Systems Security Professional (CISSP). She has completed a Senior Executive Service Candidate Development Program and is SES certified by the Office of Personnel Management Qualifications Review Board.

Amit Reizes leads security and compliance for Johnson Controls Federal Systems computing environments – directly responsible for policy, program development and implementation of security processes, including protection from cyber, insider threats, and mitigation of vulnerabilities.

He has more than 25 years of professional expertise in leading critical operations and directing multidisciplinary teams supporting private, public and Federal clients both in the U.S. and internationally, including Homeland Security and Critical Infrastructure Project work at major sites in our Nation’s Capital and around the country.

Amit is a Mechanical engineer with a Master’s Degree in System Safety/Risk Management as well as an Executive MBA from the Robert H. Smith School of Business. Licensed Professional Engineer (P.E.) and a Certified Information Systems Security Professional (CISSP).

Mr. Travis is the first chief executive officer of the Cyber Accreditation Body (the Cyber AB). Previously, Travis served as the first deputy director of the Cybersecurity and Infrastructure Security Agency (CISA), the nation’s leading civilian cybersecurity agency. There he oversaw the day-to-day operations of the $2+ billion, 2000+ employee organization across the full range of its mission in cybersecurity, infrastructure protections and emergency communications. Prior to this position, he was the deputy undersecretary for national protection (NPPD) within the Department of Homeland Security.

Before entering government service in 2018, Travis served as vice president of homeland security for Cadmus, a security, energy, and environmental professional services firm. He joined Cadmus when the security consultancy he co-founded, Obsidian Analysis, Inc., was acquired by Cadmus in 2016.

A former naval officer, Travis served as an engineering auxiliaries officer aboard the guided-missile frigate U.S.S. CARR (FFG 52). He then served a tour as White House Liaison to the Secretary of the Navy and was also a White House Military Aide. He is a 1991 graduate of the University of Notre Dame and holds a master’s in national security studies from Georgetown University.

Jack Wilmer is the Chief Executive Officer of Core4ce, a cybersecurity company that serves as a trusted partner to the national security community. Formerly, Jack served as the Deputy Chief Information Officer for Cybersecurity and the Chief Information Security Officer for the Department of Defense (DoD), where he was the senior official responsible for the cybersecurity of the Department of Defense.

Prior to this role, Jack was detailed to the White House, and served as the Principal Assistant Director for National Security and International Affairs within the White House Office of Science & Technology Policy (OSTP) where he led a team of experts to define whole-of-government policy on a wide range of national security topics, including the nation’s nuclear weapons posture, infectious diseases, bio/chem threats and security, quantum information sciences, artificial intelligence, and national security/emergency preparedness communications infrastructure.

Before serving in the federal government, Jack served 10+ years in the industry in various software engineering, program management, and executive leadership roles, culminating with his role as a Vice President at FGM, Inc., where he ran all aspects of FGM’s DoD work.

Jack graduated with honors from Princeton University where he received a Bachelor of Science in Engineering degree in Computer Science. Jack received the Office of the Secretary of Defense Medal for Exceptional Civilian Service in 2016 and serves on the Executive Advisory Council for the Washington, DC chapter of the Armed Forces and Communications Electronics Association (AFCEA).

Alex Whitworth is an IT executive with more than 14 years of experience in all aspects of public sector sales, marketing and channel development. As Director at Carahsoft Technology Corp., he manages several sales teams, providing leadership and insight into the Public Sector IT marketplace. His teams play a major role in supporting the government’s evolving cybersecurity demands, with a deep focus towards supporting agencies with successful zero trust adoption. In addition, he leads Carahsoft Technology Corp.’s corporate strategic efforts in helping organizations meet compliance with the DoD’s CMMC initiative.