Sessions

New Dates: February 19-20, 2025

Register

Day 1: February 19, 2025

Keynote: State of the CMMC Ecosystem

Matt Travis, Cyber AB

  • What is new?
  • What is coming?
  • Federal resources available

Session 1: Timeline to Compliance

Nancy Laney, PEAK Complyance

  • Walk-through of what needs to happen
  • When to be ready to schedule an official assessment
  • List of milestones

Session 2: CUI

Regan Edens, DTC Global

  • CUI vs. COTS
  • FCI Scope vs. CUI Scope
  • CUI Marking
  • Reporting and Responding to Incidents

 

Day 2: February 20, 2025

Keynote: DIBCAC Lessons Learned from JSVA

Nick Delrosso, DIBCAC

  • What is new?
  • What is coming?

Session 3: Assess, Document, Evidence -> Repeat

Regan Edens, DTC Global

Jim Johnson, Safran Group

Tiffiney Groce, Garbon Aerospace

  • Initial assessment of the control
  • How to document the control
  • How to evidence the control

Session 4: Building a Culture of Evidence 

  • The challenge of creating evidence regularly
  • Boeing - a case study
  • CMMC benefits of SOPs to management and quality product delivery

Keynote with Mitch Thornton, Darwin Deason Institute fro Cybersecurity, SMU

Session 5: Documentation -- Too Much, Too Little and Just Right

Mark Berman, FutureFeed

  • Examine: Evidence and Artifacts needed to validate a control
  • Interview: How to direct the assessor to the right interviewees and tips for the interviewee
  • Control Summaries
  • Objective Statements
  • Best Practices for keeping policies and procedures up-to-date
  • Reference Documents - what is needed and how frequently to refresh your content

Session 6: Choosing a Service Provider

Stuart Itkin, NeoSystems and Leia Kupris Shilobod, CompliancyIT

  • Why do I need one?
  • ESP, MSP, MSSP, Consultant
  • Is my MSP my consultant?
  • Mock Assessment
  • C3PAP

Session 7: Mock Assessment Walk-through Panel

Nick Delrosso, DIBCAC

Robert Hill, Cyturus Technologies

Jerry Leishman, NeoSytems

David Bedard, KTL Solutions

 

 

Speakers and agenda subject to change.