CMMC Compliance Demystified: Insights from Government & Industry Experts
January 16, 2025 9-10:30 am ET Webinar
Please join ISOA for a webinar jointly hosted by the Small Business and Cybertechnology Committees, CMMC Compliance Demystified: Insights from Government & Industry Experts on January 16, 2025.
The Cybersecurity Maturity Model Certification (CMMC) is a cornerstone requirement for organizations in the defense supply chain, ensuring compliance with rigorous cybersecurity standards to protect sensitive data. As regulations continue to evolve, businesses
face challenges in understanding and implementing these requirements, preparing for audits, and avoiding compliance risks. This webinar provides critical insights to help organizations navigate the CMMC landscape and maintain eligibility for government
contracts.
This complimentary webinar is open to ISOA members and non-members.
After you register, you will receive an email with the link to sign into the Zoom webinar.
Speakers
Moderator
Crystal Canet
Crystal Canet is the Founder of Clear Consulting International (CCI), where she leads management consultancy
services specializing in Communications, Cybersecurity, and IT systems. Her professional journey spans over 20
years as a Director of Operations
and Business Developer. During this time, she has successfully managed federal and commercial initiatives while
leading national and international teams across sectors such as manufacturing, infrastructure,
telecommunications, and logistics.
Read
More
For nearly five years, she has served on the Small Business Committee, including two years as Chairman,
representing the interests of over 65% of ISOA members. Her dedication extends to being an active member of
the Cyber, Technology & Innovation
Committee, and she has been involved with the Afghanistan Working Group since the U.S. withdrawal.
Additionally, she serves as the Second Vice President at the Society of Military Engineers (SAME) Blue Ridge
Post.
Brian Yu
Senior Associate Attorney, Ward & Berry
Brian is a Senior Associate attorney with Ward & Berry, where he counsels clients on regulatory compliance and government contract administration and disputes. His compliance practice focuses on the meeting of industry regulations with Federal contracting, in information security and False Claims Act risk.
Read More
Brian previously worked at the Federal Aviation Administration advising on procurements and contract administration for software and IT systems and support, including the concurrent competitions of multiple GSA schedule cybersecurity service contracts and a new, multibillion-dollar support contract vehicle.
His bar licenses include D.C., Virginia, and Delaware, where Brian practiced in the Chancery and U.S. Bankruptcy courts.
Derek Kernus CISSP, CCSP
Derek guides a team of cybersecurity professionals focused on helping federal contractors build or remediate their cybersecurity programs to meet DFARS 252.204-7012 and CMMC Level 2. In his role, Derek supports the design and enforcement of the CMMC requirements on client in-scope networks .
Read More
He is also responsible for supporting the clients of Aethon Security with thoroughly documenting the compliance of their Covered Contractor Information System through a System Security Plan (SSP) written to NIST SP 800-171A and gathering supporting artifacts.
Prior to starting Aethon Security, Derek was the Director of Cybersecurity Operations of a Managed Security Service Provider (MSSP) and the Deputy CISO of a CMMC 3rd Party Assessment Organization (C3PAO). While at the MSSP, he led a team that guided 2 defense contractors through 110-perfect score Joint Surveillance Voluntary Assessments (JSVA) – the equivalent of CMMC Level 2 certification assessments. At Aethon Security, he and his team also led a multinational parts manufacture to a perfect score JSVA just days before the CMMC rule became effective, securing the one of the first CMMC Level 2 certifications.
Derek holds the Certified Information Systems Security Professional (CISSP) and Certified Cloud Security Professional (CCSP) certifications from ISC2, the Lead Certified CMMC Assessor (CCA) certification from the Cyber AB, and a Master of Business Administration from William and Mary’s Raymond A. Mason School of Business.
Derrick Davis
Derrick T. Davis is currently the Director for Industrial Cyber Security for the Office of Small Business Programs (OSBP). He directly oversees several programs in support of the U.S. Department of Defense (DoD), including Project Spectrum cybersecurity outreach initiative. Mr. Davis provides strategic leadership for cybersecurity, and program-support professionals. He utilizes his extensive experience with cyber security and policy strategy to direct Department Cyber Security readiness.
|