Controlled Unclassified Information (CUI) Conference

(#cuicon)

CUI-CON 2026

11-13 February 2026
DoubleTree by Hilton Hotel at the Entrance to Universal Orlando

The goal of CUI-CON is to assist DoD Contractors in their implementation of NIST SP 800-171 and to prepare for their Cybersecurity Maturity Model Certification (CMMC) Conformity Assessment.

What are CUI-CON the conferences about?

CUI-CON conferences are about everything a Department of Defense (DoD) contractor must do to protect the Federal Government’s Intellectual Property (a.k.a., Controlled Unclassified Information (CUI)). The government specified information security requirements in 2017 and 3rd Party Certification of the contractor’s implementation is expected to go into full effect late 2025.

This is a working conference focused on helping Organizations Seeking Compliance.

What is driving this?

The DoD implemented the Cybersecurity Maturity Model Certification (CMMC) program at the start of 2025. The CMMC Program will require Defense Contractors and their supply chains to be certified to win contracts and keep working for DoD. Certification is expected to be contractually required in 2026.

What businesses should attend this conference?

Companies that do business with the Department of Defense have to protect DoD’s Intellectual Property (a.k.a., CUI). If your business has:

  • FAR clause 52.204–21, “Basic Safeguarding of Covered Contractor Information Systems” in your contracts;
  • DFARS clause 252.204–7012, “Safeguarding Covered Defense Information and Cyber Incident Reporting” in your contracts…
  • Does work for the DoD and has ITAR data…
  • Just started with CMMC efforts…

This conference is for you.

Who from a business should attend?

Optimally, it would be the executive in charge of changing the business’s culture. Implementing CMMC is not a Information Technology problem–it is an executive one that will drive changes to how your business operates.

How will attending help my company?

CUI-CON is bringing experts from across the nation to help your organization address three key questions:

What is CMMC and why do I have to do this?

How does my organization get ready for a CMMC Conformity Assessment?

What tools and methods can we use to get ready?

When is the conference?

CUI-CON 2026 will be held 11-13 February 2026.

Register below and we will send you updates about CUI-CON 2026.

Is the conference online or in-person?

Like all of previous CUI-CONs, the conference is being held only in-person.

No online sessions will be offered.

How much does it cost?

The costs for CUI-CON 2026 are:

  • $650 per person through 30 November 2025
  • $750 per person beginning on 1 December
  • The DoubleTree by Hilton at the Entrance to Universal Orlando has room block set aside for $189 per night.

Where is the conference?

The conference will be at the DoubleTree by Hilton at the Entrance to Universal Orlando at 5780 Major Boulevard. Orlando, Florida 32819.

Book your reservation at https://www.hilton.com/en/attend-my-event/mcoundt-cc1-b6b61aee-d994-4d56-98a9-ba275b76d6b4/

Speaker: Goepel
SPEAKER
Stacy Bostjanick
Mr. James Goepel
CEO & General Counsel

Jim is the CEO & General Counsel at Fathom Cyber, leverages his extensive business, technical, and legal backgrounds to help Fathom Cyber's clients build IT and cybersecurity programs that comply with their legal and regulatory requirements. Jim helped build the CMMC Accreditation Body (CMMC-AB - now The Cyber AB). This included creating The Cyber AB's first official CMMC course.

Speaker: Machado
SPEAKER
Stacy Bostjanick
Mr. Fernando Machado
Managing Principal, Cybersec Investments

Fernando is the Managing Principal & Chief Information Security Officer for Cybersec Investments. Fernando was one of the earliest CMMC Provisional Assessors & was a member of the CMMC Accreditation Body’s Standards Management Industry Working Group, which helped develop guidance on CMMC’s assessment criteria & scoping with over 17,000 volunteer hours. This has led to being formally recognized with the President’s Volunteer Service Award.

Speaker: Titcombe
SPEAKER
Fred Tschirgi
Mr. Matthew Titcombe
CEO, Peak InfoSec

As the founder of Peak InfoSec, Matt left the Federal government sector as an Air Force Program Manager to reapply his 25+ years of Information Security & Technology experience to the commercial sector. Matt now leads an organization that specializes in Information Security Turn Around efforts supporting federal and commercial sectors. Matt has been brought in to consult with organizations across the globe like United Launch Alliance, Sony, ConocoPhillips, and Munich Re-Insurance. His commitment to supporting the military and Defense Industrial Base did not stop when he left the Air Force. Matt is a recognized leader in the DoD’s new Cybersecurity Maturity Model Certification (CMMC). His leadership efforts led him to lead one of the first Authorized CMMC 3rd Party Assessor Organizations (C3PAO); being certified as a CMMC Provisional Assessor; volunteering on the CMMC Accreditation Body Industry Standards Working Group; and, as a Subject Matter Expert, helping several institutions develop CMMC training curricula.

previous arrow
next arrow
Host: Cybersec
CUI-CON Host
Matthew A. Titcombe
Host: Peak InfoSec
CUI-CON Host
Matthew A. Titcombe
Host: Fathom Cyber
CUI-CON Host
Matthew A. Titcombe
Host: Ascend Cyber
CUI-CON Host
Matthew A. Titcombe
1.1 COMPARTMENTALIZED: Neosystems
COMPARTMENTALIZED Sponsor
Matthew A. Titcombe
3.1 SECRET: FutureFeed
SECRET Sponsor
Matthew A. Titcombe
4.1 CONTROLLED: ECFirst
CONTROLLED Sponsor
Matthew A. Titcombe
4.2 CONTROLLED: Aetheon
CONTROLLED Sponsor
Matthew A. Titcombe
4.3 CONTROLLED: PreVeil, Inc.
CONTROLLED Sponsor
PreVeil, Inc.
4.4 CONTROLLED: ControlCase
CONTROLLED Sponsor
Matthew A. Titcombe
4.5 CONTROLLED: SMPL-C
CONTROLLED Sponsor
Matthew A. Titcombe
previous arrow
next arrow