CMMC Implementation: Your Path to Cybersecurity Compliance

November 15 @ 8:00 am - 5:00 pm

Join the North Carolina Military Business Center and North Carolina State University for a “CMMC Implementation Workshop: Your Path to Cybersecurity Compliance” on either November 15 in Flat Rock, North Carolina or December 3 in Raleigh, North Carolina.

The workshop prepares defense contractors for their Cybersecurity Maturity Model Certification assessments by providing them with the latest information about CMMC 2.0 and the associated DFARS clauses, and how to implement them. The goal of the event is for defense contractors and their IT/cyber staff and/or IT managed service providers to gain a thorough understanding of the requirements in CMMC and have a plan to get started or continue with their cybersecurity program. By the end of the day, attendees should know what the next steps are and what resources are available to help them develop their cybersecurity programs.

November 15, 2024
Technology Education Development Center
Blue Ridge Conference Center
49 East Campus Drive
Flat Rock, NC 28731

Parking is available in lot D.

Agenda

Leadership Track. This track will include a high-level overview of what is being discussed in the technical track, with the goal of reducing the friction between leadership and technical professionals. We will also discuss the topics below.

  • Cybersecurity Overview
  • How to build a culture of cybersecurity/tone at the top
  • Things to do now: DoD CUI training, Medium Assurance Certificate, awareness training
  • Cyber risks
  • CMMC Scope
  • Compliance documentation
  • Questions to ask your MSP/MSSP/Consultant
  • Shared responsibility matrices for “inherited” cybersecurity controls
  • What cybersecurity information to include in service level agreements
  • Supply chain risk management
  • CMMC implementation strategies
  • Cost of implementation

Technical Track

  • Asset and data inventories
  • Network diagrams
  • Data flow diagrams
  • Physical security
  • CMMC Scope
  • System Security Plan
  • How to perform a gap assessment
  • How to put a score in the Supplier Performance Risk System
  • NIST controls – where to start

Who Should Attend: Defense contractors (leadership and those responsible for implementing CMMC) AND their Managed Service/Security Providers (MSP/MSSP) or consultants. The new CMMC rule requires MSP/MSSPs to be CMMC Level 2 certified if they store, process, or transmit controlled unclassified information (CUI) on behalf of their defense contractor clients, or provide security protection for CUI assets. MSP/MSSPs must receive their CMMC Level 2 certification BEFORE their client defense contractors can be assessed.

The content of the workshop will be geared toward preparing attendees for a CMMC Level 2 assessment; however, contractors preparing for CMMC Level 1 are welcome to attend.

Why attend: The CMMC rule will become final in September or October of 2024 (based on the current timeline) and will be in some contracts/modifications in 2025. While there will be a slow roll-out of CMMC, defense contractors should not assume the requirements won’t be applicable to them in 2025 since prime contractors can add the requirements to contracts as soon as the rule becomes final.

Registration. Registration will open soon.

  • Early Bird Registration (prior to November 1, 2024): $115/person
  • Registration (on or after November 1, 2024): $130/person

Registration includes access to the full program, materials and catering throughout the day.

Speakers: 

  • Laura Rodgers: Laura is the Director of Cybersecurity Practice in the Secure Computing Institute at NC State University and the Director of the North Carolina Partnership for Cybersecurity Excellence (NC-PaCE). Laura has been working with defense contractors in North Carolina for several years and teaches a DoD Cybersecurity Compliance course. She was a defense contractor for over 20 years with Lockheed Martin and General Dynamics IT, and held positions in business operations, business development, governance, risk, compliance, and policy.
  • Lori Jackson: Lori is the founder and President of White Raven Security, a certified WOSB cybersecurity consulting company in Charlotte, NC. She has over 20 years of technical and management experience in cybersecurity compliance, cyber engineering, and corporate governance, and she is committed to supporting defense contractors with CMMC compliance and security. Lori is a Certified Information Systems Security Professional (CISSP). She holds the Certified CMMC Professional (CCP) and Certified CMMC Assessor (CCA) certifications and is a Registered Practitioner (RP) in the CMMC ecosystem.
  • Myriam Batista: Myriam is the Chief Information and Compliance officer at Reef Systems, which is headquartered in Cary, North Carolina. She works with companies to understand their security posture and help them comply with Federal Government requirements and commercial frameworks such as NIST SP 800-171, NIST SP 800-53, ISO 27001, and CMMC. Myriam has over 20 years of experience leading the implementation of cybersecurity and technology solutions in support of commercial customers, educational institutions, and government agencies, as well as expertise in conducting independent assessments and audits. Myriam’s credentials include Project Management Professional (PMP), Certified CMMC Assessor, CMMC Provisional Instructor, ISO Lead Auditor and Cloud Security Alliance CCSK Authorized Instructor.
  • Jon Sternstein: Jon is the founder and CEO of Stern Security, a cyber security company headquartered in Raleigh, NC. He is a co-author of the Cisco Press course titled “Security Penetration Testing (The Art of Hacking) LiveLessons”. Jon holds many security certifications including GIAC Penetration Tester and Certified Information Systems Security Professional (CISSP). Jon has been a featured cybersecurity expert on ABC News, WRAL News, ISSA Journal, PenTest Magazine, North Carolina Dental Gazette, and Business North Carolina Magazine.
  • Rad Rouzky: Rad is the founder and President of Reef Systems, providing solutions to customers nationwide in cybersecurity, information technology, healthcare and administration/program management. He provides security architecture and implementation guidance to customers needing to enhance their cyber posture and comply with government and commercial security standards such as NIST SP 800-171, ISO 27001 and Cybersecurity Maturity Model Certification (CMMC). Rad holds CISSP and HCISPP certifications from (ISC)², is a CMMC Registered Practitioner (RP), and earned Bachelor’s and Master’s degrees in Electrical Engineering.
  • Craig Williams: Craig is the President of the Cyber Synergy Consulting Group and is a seasoned cybersecurity consultant, drawing on over 20 years of information technology experience as a network engineer and application architect, combined with two decades of teaching basic and advanced IT courses. He was employed by Cisco for 19 years as a technical and Java developer for Advanced Services IT. Craig holds a Bachelor’s degree in Computer Engineering from NC State University as well as numerous industry-led certification courses, including Certified Information Systems Security Professional (CISSP), Cisco Certified Network Associate (CCNA), and CompTIA Security+.
