Agenda

Welcome and Opening Remarks by Anne Armstrong, VP, Strategic Alliances, GovExec 360

Project Spectrum is a comprehensive, cost-effective platform that provides companies, institutions, and organizations with cybersecurity information, resources, tools, and training. The U.S. Department of Defense (DoD) recognizes Project Spectrum as a premier resource for the tools and training needed to increase cybersecurity awareness and maintain compliance in accordance with DoD contracting requirements.

Hear from IronNet’s Travis Rosiek who will share his unique understanding of the cybersecurity challenges facing organizations today and his call to action for taking a proactive approach to protecting your network.

You will learn:
— Why CMMC is a Cyber security call to action
— Why is there a sense of urgency surrounding CMMC today
— What are the consequences of ignoring CMMC requirements
— Why a proactive approach is better than reactive
— How collective defense is an important component of cybersecurity and CMMC

Sponsored By: IronNet

Ms. Knight will discuss her role in DOD CMMC Program Management Office, which supports all facets of the CMMC Program, including the development of CMMC 2.0 and its implementation plan for the Department. 

Sponsored by: Gigamon

Government, defense and defense industry base (DIB) must meet the demands of both the DoD and the critical infrastructure players and map to critical controls laid out in CMMC 2.0, NIST 800-171, and NIST 800-53 to adequately protect Controlled Unclassified Information (CUI) and Federal Contract Information (FCI). Many agencies and DIBs are struggling with how to implement required information security controls and marking requirements to data in their Microsoft stack.

We will discuss the challenges of implementing the mandated best practices for the handling of CUI and FCI to meet these guidelines and how to tackle them using data-centric zero trust security techniques.

You will learn:
— New CMMC 2.0 mandatory CUI marking requirements
— Challenges of tagging, marking and securing CUI and FCI
— How to dynamically identify, tag, mark and protect CUI and FCI in Microsoft 365 and SharePoint On-premises

Sponsored By: archTIS

A chance to stretch your legs and refill your coffee!

Almost everyone agrees on the importance of protecting sensitive but unclassified information. But not everyone agrees on the same approach to solve the problem. Agencies are provided with many directives and deadlines about how to protect their systems and the data within them. NIST is a source of some of the most important.

Establishing a self-assessed SPRS score is just the first step.  How does an organization apply quantification to that score?  How do you decide the remediation required to improve that score?  How do you articulate the work effort and out-of-band budget requirements to Leadership as well as timelines necessary for those required remediation activities.  In this session we will be discussing the necessity of integrating a system to assist in managing these complex variables as your organization undertakes the activities beyond establishing the required point in time score and prepares for Certification.

Sponsored By: Cyturus

Hear from CyberAB CEO at the CMMC Workshop

More than 200,000 companies provide supplies, parts, and manufacturing for DOD's weapon systems. The defense industrial base has been pummeled with new cybersecurity vulnerabilities year on year. We are under attack in every way, every day. This critical industry faces persistent, increasing threats of sophisticated intellectual property theft, economic espionage, cybercrime, and other forms of attacks.  The result is that foreign actors are stealing large amounts of sensitive data, trade secrets, and intellectual property every day from DIB firms. This severely erodes not only the DIB, but it could potentially harm future U.S. military operations as Industry experts have noted. We walk through Incident Response requirements that exist now, and other emerging mandates. We also perform an overview of Modern threats and Security operations.

Operational viewpoint of a Modern SOC building frameworks from content to services to react to modern threats. We will highlight handling threats through the lens of a SOC.  We will have the following core focus areas.

— The state of the union on Modern threats
— The overview the Government Incident Response requirements
— An overview of the Ransomware Ecosystem and Nation State
— Why is this problem way beyond and more critical than a compliance issue?
— Why do these people care about the DIB anyways?
— Anatomy of a Hack
— Building scale and capacity to hunt and search for modern threats.

Sponsored By: Quzara

Kelley Kiernan, from the office of the US Air Force and US Space Force Chief Information Security Officer, will talk about the Blue Cyber initiative providing cybersecurity and information protection outreach to  Air Force/Space Force Small Business and Academic Institution contractors.  Come listen to Kelley talk about all the resources available in the small business cybersecurity ecosystem.

Hear from Alex Whitworth, Carahsoft as he rounds out the CMMC Workshop.

Sponsored By: Carahsoft

Thanks for joining us!