The goal of CUI-CON is to assist DoD Contractors in their implementation of NIST SP 800-171 and to prepare for their Cybersecurity Maturity Model Certification (CMMC) Conformity Assessment.
What are CUI-CON the conferences about?
CUI-CON conferences are about everything a Department of Defense (DoD) contractor must do to protect the Federal Government’s Intellectual Property (a.k.a., Controlled Unclassified Information (CUI)). The government specified information security requirements in 2017 and 3rd Party Certification of the contractor’s implementation is expected to go into effect late 2024/early 2025.
This is a working conference focused on helping Organizations Seeking Compliance.
What is driving this?
The DoD will implement its Cybersecurity Maturity Model Certification (CMMC) program beginning late 2024/early 2025. The CMMC Program will require Defense Contractors and their supply chains to be certified to win contracts and keep working for DoD.
What businesses should attend this conference?
Companies that do business with the Department of Defense have to protect DoD’s Intellectual Property (a.k.a., CUI). If your business has:
- FAR clause 52.204–21, “Basic Safeguarding of Covered Contractor Information Systems” in your contracts;
- DFARS clause 252.204–7012, “Safeguarding Covered Defense Information and Cyber Incident Reporting” in your contracts…
- Does work for the DoD and has ITAR data…
- Just started with CMMC efforts…
This conference is for you.
Who from a business should attend?
Optimally, it would be the executive in charge of changing the business’s culture. Implementing CMMC is not a Information Technology problem–it is an executive one that will drive changes to how your business operates.
How will attending help my company?
CUI-CON is bringing experts from across the nation to help your organization address three key questions:
What is CMMC and why do I have to do this?
How does my organization get ready for a CMMC Conformity Assessment?
What tools and methods can we use to get ready?
When is the conference?
The last CUI-CON was held 22-23 February 2024 in Orlando Florida.
CUI-CON is planning a regional conference for the fall of 2024 and the 3rd Annual event in Orlando starting in 2025.
Check back for updates on the next CUI-CON.
Is the conference online or in-person?
The conference is being held only in-person.
How much does it cost?
The registration cost is to be determined for the next event.
Where is the conference?
The location for the next CUI-CON is to be determined.
Mr. Travis is the first chief executive officer of the Cyber Accreditation Body (the Cyber AB). Previously, Travis served as the first deputy director of the Cybersecurity and Infrastructure Security Agency (CISA), the nation’s leading civilian cybersecurity agency. There he oversaw the day-to-day operations of the $2+ billion, 2000+ employee organization across the full range of its mission in cybersecurity, infrastructure protections and emergency communications. Prior to this position, he was the deputy undersecretary for national protection (NPPD) within the Department of Homeland Security.
Before entering government service in 2018, Travis served as vice president of homeland security for Cadmus, a security, energy, and environmental professional services firm. He joined Cadmus when the security consultancy he co-founded, Obsidian Analysis, Inc., was acquired by Cadmus in 2016.
A former naval officer, Travis served as an engineering auxiliaries officer aboard the guided-missile frigate U.S.S. CARR (FFG 52). He then served a tour as White House Liaison to the Secretary of the Navy and was also a White House Military Aide. He is a 1991 graduate of the University of Notre Dame and holds a master’s in national security studies from Georgetown University.
CMMC Registered Practitioner, CCP, Security+, and A+
Lead Security and Compliance Analyst
Worked with over 100+ DIB on compliance efforts in aligning with DFARS 7012 and NIST 800-171 requirements…..and eventually CMMC
David Driggers is a seasoned cybersecurity practitioner with over 25 years experience working with customers in highly regulated OT environments.
im is the Director of Education and Content at FutureFeed.co, where he brings a broad range of legal, technical, and business expertise to the team. He is a Founding Director and former Board Treasurer of the CMMC Accreditation Body (now called the CyberAB), a Certified CMMC Assessor, Certified CMMC Professional, CMMC Provisional Instructor, and CMMC Provisional Assessor. Jim also authored and taught the CyberAB’s initial Registered Practitioner program, co-authored two Certified CMMC Professional (“CCP”) curricula, and is the author of two books on Controlled Unclassified Information (“CUI”).
Dr. Thomas Graham, Ph.D., is the VP and CISO at Redspin, a leading Cybersecurity Maturity Model Certification (CMMC) service provider. He is a recognized expert in CMMC and holds multiple certifications, including Certified Assessor (CCA) and CMMC Certified Professional (CCP). Dr. Graham played a pivotal role in Redspin becoming the first authorized C3PAO and conducting DIBCAC High CMMC assessments under JSVAP. With a Ph.D. in Information Assurance and Security, he oversees internal security matters at Redspin. Dr. Graham's accomplishments include receiving a FedHealthIT award while supporting the Defense Health Agency and speaking at industry events like the National Cyber Summit and ISC2 Security Congress.
Derek Kernus is the Director of Cybersecurity Operations for DTS, a professional services firm providing cybersecurity, management, and consulting services. Derek leads a team of cybersecurity professionals focused on helping organizations build or remediate their cybersecurity programs to meet compliance requirements with a strong posture.
DTS’ client base includes commercial companies and small and mid-sized federal contractors in the Defense Industrial Base (DIB) that have designed their information systems aligned with Zero Trust Architecture and other proven best practices to achieve a secure compliance posture with NIST SP 800-171 Rev 2. DTS has proven their ability to meet the 110 controls by achieving a perfect 110 score its own Joint Surveillance Voluntary Assessment (JSVA) as well as supporting one of its CMMC Level 2 Remediation clients who also received a perfect 110 score in a JSVA.
Fernando is the Managing Principal & Chief Information Security Officer for Cybersec Investments. Fernando was one of the earliest CMMC Provisional Assessors & was a member of the CMMC Accreditation Body’s Standards Management Industry Working Group, which helped develop guidance on CMMC’s assessment criteria & scoping with over 17,000 volunteer hours. This has led to being formally recognized with the President’s Volunteer Service Award.
Carter Schoenberg is the Vice President of Cybersecurity and Chief Cybersecurity Officer at SoundWay Consulting, Inc. He is a Certified Information Systems Security Professional (CISSP), Boardroom Qualified Technology Expert (QTE), and a CMMC Certified Assessor (CCA). His company is an approved CMMC Third Party Assessing Organization (C3PAO) and has been helping defense contractors prepare for CMMC and DFARs obligations since 2021.
Carter has over 29 years of combined experience in criminal investigations, cyber threat intelligence, cybersecurity, cyber risk management, and cyber law. His past works include comprehensive assessments of U.S. Government Contractors to align with what are now formal requirements set forth by the Defense Department including NIST SP 800-171 and now the Cybersecurity Maturity Model Certification (CMMC).
As a recognized RMF SME, Michael has served as the Chief Sr. Cybersecurity advisor to 1, 2 and 3 Star commander(s) across the Army, Navy, and Marine Corps. Specializing in advanced cyber techniques and countermeasures. As a recognized SME by the CSIAC, CompTIA, and ISC2, Michael has authored courses for Cisco, EC|Council, CompTIA, ISACA, and ISC2; Twice awarded the National Science Foundation Scholarship; Served as the Chair – Cybersecurity Training Working Group for the US Army, and awarded “Outstanding Educator” by the Southern Association of Colleges in 2010.
Leia Kupris Shilobod, CISM is the CEO and CSO of CompliancyIT, author of Cyber Warfare: Protecting Your Business From Total Annihilation and co-producer of the documentary "Cybercrime: The Dark Web Uncovered." As a cyber security advisor and CMMC Compliance SME, Leia speaks frequently and has been heard at IT Security Conferences, industry podcasts, and webinars. To help MSP’s get and keep their clients compliance, and internal IT to have a roadmap to functional CMMC success, Leia created the CMMC IT Documentation Toolkit. She leads CompliancyIT in providing cybersecurity compliance, as well as compliant helpdesk, infrastructure, and security services to help her clients meet their strategic goals.
CAPT, USN (retired) Scott Singer brings 30 years of military experience in both active duty and reserve rolls along with 31 years of industry experience. Scott co-founded CyberNINES and serves as the Chief Executive Officer. Scott has extensive experience with regulatory frameworks and government contracting including Federal Acquisition Regulations (FAR/DFARS), HIPAA, medical device (ISO 13485), and cybersecurity (ISO 27001, NIST), aerospace (AS9100) and nuclear (NQA-1).
Scott is the past board chair for the Minnesota Technology Association (MnTech), past President of the University of Wisconsin, Madison NROTC Alumni Association, and past board member of InfraGard. In June 2021, he testified before Congress on the costs to small business to comply with the DoDs Cybersecurity Maturity Model Certification (CMMC). He currently chairs the C3PAO (CMMC Third-Party Assessment Organization) Stakeholder Forum (C3PAOForum.org).
Scott has an MBA in Information Systems from the University of Minnesota, Carlson School of Management, and BS is Meteorology from the University of Wisconsin at Madison. He also has a certification in Joint Professional Military Education from The Naval War College.
For the DoD cybersecurity ecosystem, Scott is a Certified CMMC Assessor (CCA), Certified CMMC Professional (CCP), and CMMC Provisional Instructor (PI). CyberNINES is an Authorized C3PAO.
As the founder of Peak InfoSec, Matt left the Federal government sector as an Air Force Program Manager to reapply his 25+ years of Information Security & Technology experience to the commercial sector. Matt now leads an organization that specializes in Information Security Turn Around efforts supporting federal and commercial sectors. Matt has been brought in to consult with organizations across the globe like United Launch Alliance, Sony, ConocoPhillips, and Munich Re-Insurance. His commitment to supporting the military and Defense Industrial Base did not stop when he left the Air Force. Matt is a recognized leader in the DoD’s new Cybersecurity Maturity Model Certification (CMMC). His leadership efforts led him to lead one of the first Authorized CMMC 3rd Party Assessor Organizations (C3PAO); being certified as a CMMC Provisional Assessor; volunteering on the CMMC Accreditation Body Industry Standards Working Group; and, as a Subject Matter Expert, helping several institutions develop CMMC training curricula.
Tom has more than 20 years of experience in the cybersecurity industry and leads the firm’s CMMC and federal compliance advisory services. His firm, FORVIS, LLP was one of the earliest C3PAO firms and Tom is a CMMC Provisional Assessor. Tom’s clients include organizations in the defense, technology, energy, logistics, and financial services industries, including multiple Fortune 500 enterprises.
Prior to joining the firm, Tom developed and implemented cybersecurity risk and compliance solutions for a Fortune 500 defense contractor. He has been published in national publications and is a regular speaker on cybersecurity and privacy topics at various industry events. Tom is a graduate of Florida State University, Tallahassee, with M.B.A. and B.S. degrees.
Richard Wakeman is the Chief Architect for cybersecurity of Aerospace & Defense at Microsoft. He specializes in the Defense Industrial Base adopting cloud services from Microsoft. Richard engages with Microsoft partners and customers end-to-end to drive adoption of Azure Government, Microsoft 365 GCC High / DoD and Dynamics 365 GCC High as solutions within the Microsoft US Sovereign Clouds.
Richard joined Microsoft in 2007 as a developer, identity and messaging expert at the dawn of Microsoft Online Services. Shortly after joining, he was engaged by the Exchange Product Group to lead cloud deployments worldwide for Live@edu as part of the Exchange Labs program. He led the charge for integration of MCS and Premier services with cloud offerings, becoming a Senior Architect for the Microsoft Enterprise Services Business Productivity Global Domain Solution Architecture Office.
In his role guiding customer journeys to the cloud, Richard has worked with hundreds of the most prominent world-wide accounts, adopting the evolving Microsoft Online Services from Live@edu to BPOS to Office 365 and Azure, and now our new sovereign clouds.
Amy Williams began her career in Accounting Information Systems, a precursor to cybersecurity that imbued her with the talents and knowledge that she uses today. A member of multiple fields of study, Dr. Williams has ample experience understanding fraud, system errors in internal systems, and internet security protection. She has been on the forefront of developing cyber strategies for supply chains since the world wide web made the internet popular for sharing data in business. With both a Master’s Degree and PhD from Virginia Tech, Amy Williams has held prestigious positions with the NY Crime Commission where she built an alliance with the FBI, and she led the development of BlueVoyant's CMMC and CIS Advisory Practices prior to joining Coalfire Federal.
As Vice President of CMMC at Coalfire Federal, Dr. Williams has proudly built and led the current CMMC advisory and certification programs. She spends her time following industry leaders on LinkedIn, and is regularly and invited speaker at industry conferences for CMMC and cybersecurity in general and has authored many peer reviewed and thought leadership papers on various cybersecurity topics.
Marci Womack is a Managing Director at Schellman where she focuses on Schellman's Federal Practice, specifically overseeing both the emerging CMMC assessment program and the established FedRAMP assessment program. Marci also serves as the 3PAO (third party assessment organization) representative on the Federal Secure Cloud Advisory Committee (FSCAC). Prior to joining Schellman in 2016 as a senior associate, Marci worked as a federal contractor implementing and assessing federal cybersecurity programs, as well as an FFIEC/GLBA security controls assessor and consultant. Marci has over 10 years of information security experience across various industries and holds key certifications, including CISSP, CISA, CEH, and (CMMC) CCA. Marci is also experienced in other related frameworks, including StateRAMP, IRS 1075, MARS-E, and CJIS.
Office: (301) 360‑0001 / (866) 960-0001 | Email: info@ktlsolutions.com | https://www.ktlsolutions.com/
Office: : (888) 676-6367 | https://www.neosystemscorp.com/
https://www.compliancyit.io/ | Phone: 724.235.8750
Phone: 317-275-0021 | Email: info@lifelinedatacenters.com | https://cmmc-fasttrack.com/
Office: 410-560-5602 | Email: sales@futurefeed.co | https://futurefeed.co/
Email: support@cyberab.org | https://cyberab.org/
1-703-561 -0500 | https://exostar.com/ | Email: sales@exostar.com
855-719-1918 | Email: sales@intelligrc.com | https://www.intelligrc.com/