CMMC: Where We Are Going, Where We've Been, and What's Next

The Cybersecurity Maturity Model Certification continues to move forward with organizations being certified as third-party assessors and other roles that will move contractors through the process.

But there are more steps to come and more questions that need to be answered.

At this Power Breakfast, you’ll hear from CMMC leaders in government and industry, who will provide an update on what has happened and what’s next on the Defense Department’s agenda for securing the supply chain.

Among the topics we’ll cover is the health of the CMMC ecosystem of assessors, trainers and certifiers. We’ll also present information on upcoming deadlines and what early CMMC contract requirements can tell us about how CMMC will be incorporated into procurement.

There also will be a chance for you to ask questions specific to your company and situation.

Speakers

/media/images/GIG/People/B/Bai_TonyBW.jpg

Tony Bai

Cybersecurity Professional

A-LIGN

Read More
/media/images/GIG/People/B/Bai_TonyBW.jpg

Tony Bai

Cybersecurity Professional

A-LIGN

Tony Bai is a cybersecurity professional at A-LIGN with a range of certifications (CISSP, CCSP, CISA, CISM, CSM, CDPSE, and PMP). Tony is responsible for overseeing NIST-based engagements, including FedRAMP, FISMA, and 800-171, and providing cybersecurity advisory and guidance to A-LIGN’s clients. He has over 27 years of IT experience with the last 10 years specializing in cybersecurity. His background includes providing risk assessments for government agencies and Fortune 500 companies across multiple industries.

/media/images/GIG/People/C/Cardaci_MichaelBW.jpg

Michael Cardaci

CEO

FedHIVE

Read More
/media/images/GIG/People/C/Cardaci_MichaelBW.jpg

Michael Cardaci

CEO

FedHIVE

Michael Cardaci is the CEO of FedHIVE, a provider of cloud services and consulting on high-security technologies, policies and best practices. The company offers FedRAMP High-authorized IaaS and PaaS cloud capabilities for federal agencies as well as advanced professional guidance for companies seeking to work with the government.

/media/images/GIG/People/T/Travis_MatthewBW.jpg

Matthew Travis

Chief Executive Officer

Cybersecurity Maturity Model Certification Accreditation Body

Read More
/media/images/GIG/People/T/Travis_MatthewBW.jpg

Matthew Travis

Chief Executive Officer

Cybersecurity Maturity Model Certification Accreditation Body

Matthew Travis is the first chief executive officer of the Cybersecurity Maturity Model Certification Accreditation Body (CMMC-AB), the nation’s sole authorized provider of cybersecurity certification credentials for the defense industrial base. Chartered by the Department of Defense but independent from it, CMMC-AB is a 501(c)(3) non-profit organization working with thousands of companies that support DoD to implement common and verifiable cybersecurity standards.

Previously, Travis served as the first deputy director of the Cybersecurity and Infrastructure Security Agency (CISA), the nation’s leading civilian cybersecurity agency. There he oversaw the day-to-day operations of the $2+ billion, 2000+ employee organization across the full range of its mission in cybersecurity, infrastructure protections and emergency communications. Prior to this position, he was the deputy undersecretary for national protection (NPPD) within the Department of Homeland Security.

Before entering government service in 2018, Travis served as vice president of homeland security for Cadmus, a security, energy, and environmental professional services firm. He joined Cadmus when the security consultancy he co-founded, Obsidian Analysis, Inc., was acquired by Cadmus in 2016.

A former naval officer, Travis served as an engineering auxiliaries officer aboard the guided-missile frigate U.S.S. CARR (FFG 52). He then served a tour as White House Liaison to the Secretary of the Navy and was also a White House Military Aide. He is a 1991 graduate of the University of Notre Dame and holds a master’s in national security studies from Georgetown University.

/media/images/GIG/People/B/Buenger_TonyBW.jpg

Tony Buenger

CMMC Strategist & Provisional Assessor

Redspin

Read More
/media/images/GIG/People/B/Buenger_TonyBW.jpg

Tony Buenger

CMMC Strategist & Provisional Assessor

Redspin

Tony Buenger currently serves as a CMMC Strategist and Provisional Assessor at Redspin and is highly experienced in the information technology and cyber security arenas. After more than two decades, Tony retired from the Air Force and became a full-time information security professional fulfilling various roles, including information system security officer, information system security manager, NIST-certifying authority, security controls assessor, CISO, and cyber security consultant. He has about 15 years of hands-on experience with NIST in many of these roles, including working as a key member of a team at the Pentagon to convert the United States Air Force from a DoD static compliance-based framework to the risk-based NIST Risk Management Framework (RMF).

Tony is also an instructor within the cybersecurity profession fulfilling roles such as full-time military faculty teaching master degree level information security courses at the National Defense University, adjunct instructor and co-developer of the master degree level cyber security program at Auburn University-Montgomery, and lead faculty chair for cyber security and networking at the University of Phoenix.

He is an accomplished public speaker and publisher on various information technology and cybersecurity topics, to include areas such as threat intelligence and analysis, digital convergence, the effects of ransomware, and social engineering.

Certifications include information security, security management, and enterprise information technology to include the Certified Chief Information Security Officer (CCISO), Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), and Certified in Governance of Enterprise Information Technology (CGEIT).

/media/images/GIG/People/S/Stack_BrianBW.jpg

Brian Stack

Vice President of Strategy

Cask Government Services

Read More
/media/images/GIG/People/S/Stack_BrianBW.jpg

Brian Stack

Vice President of Strategy

Cask Government Services

Brian is the Executive Vice President of Strategy for Cask Government Services, a CMMC Authorized C3PAO. He brings more than 10 years of senior leadership experience in the Department of Defense (DoD) engineering and technical services to his role, with a history of leading multifaceted teams to deliver solutions that enable the organization’s strategic path forward. Brian’s 22-year career has extended through supporting NOAA, DISA, and the USMC from the engineering of cloud, cross-domain and Science and Technology (S&T) based challenges. Brian holds an Electrical Engineering degree from Virginia Tech.

/media/images/GIG/GIGEvents/2019Custom/Speakers/RossWIlkers_2019.jpg

Ross Wilkers

Senior Staff Writer

Washington Technology

Agenda

8:15 AM

Friday, August 20, 2021

Welcome & Opening Remarks

Ross Wilkers, Senior Staff Writer, Washington Technology

8:20 AM

Friday, August 20, 2021

CMMC AB Update

Matthew Travis, Chief Executive Officer, Cybersecurity Maturity Model Certification Accreditation Body

Description

Matthew Travis, CEO, Cybersecurity Maturity Model Certification Accreditation Body, will share lessons learned as this industry organization pushes forward with the accreditation process.

He’ll provide an update on 3CPAOs and other critical components to get the CMMC process rolling. He’ll describe his organizations priorities and what he is hearing from DOD.

The information he’ll provide will help contractors understand what they need to do next and what they should be preparing for.


8:45 AM

Friday, August 20, 2021

Lessons from the 3PAO Journey

Tony Buenger, CMMC Strategist & Provisional Assessor, Redspin

Brian Stack, Vice President of Strategy , Cask Government Services

Description

Redpsin and Cask Government Services are two the first three Third Party Assessor Organizations approved by the CMMC-AB.

Tony Buenger of Redspin and Brian Stack of Cask Government Services will share their experiences as their companies worked through the approval process. They’ll talk about what they are seeing on the ground from the contractors that are looking for CMMC certifications.

They’ll share early observations of what contractors are doing well as well as where they think contractors should put more of their focus.


9:15 AM

Friday, August 20, 2021

CMMC Steps You Should be Taking Now

Tony Bai, Cybersecurity Professional, A-LIGN

Michael Cardaci, CEO, FedHIVE

Description

CMMC processes and procedures are still evolving but companies shouldn’t stand still. Our experts share what your company should be doing now and what the future may hold.


9:45 AM

Friday, August 20, 2021

Closing Remarks

Underwriters

Dell
Pluralsight
Pluralsight