Contact
Tammy Everett, Senior DirectorDefense Alliance of North Carolina
910-690-4450
teverett@defensealliancenc.org
2.13.2020 DANC Science & Technology Forum - WHAT is CMMC?
- What is the Cyber Maturity Model Certification (CMMC)?
- Why is it Important for Future DoD Contracts?
- When and How it will impact current and future corroboration opportunities with fellow DANC members?
- What are your initial steps?
CYBER MATURITY MODEL CERTIFICATION (CMMC) - In 2020, the Department of Defense (DoD) will mandate cyber certification (known as CMMC) for all suppliers who support DoD contracts. This certification will eliminate self-attestation and require an independent 3rd party certification based on five levels. The CMMC levels will be used as a “go” or “no go” criteria to bid on or receive contracts. All Defense Industrial Base (DIB) companies must comply with CMMC, not just companies handling Controlled Unclassified Information (CUI). DANC and our industry members are watching closely the government throughout the development of the CMMC program.
DANC members can start to prepare for CMMC by ensuring their compliance to DFARS 252.204-7012 and NIST SP 800-171 and by ensuring that you are aware of the CMMC effort. We encourage you to attend this Forum to become educated on the CMMC requirements.
JOIN US TO LEARN MORE!
Thursday, February 13, 2020
1:00-2:00pm - Check-in/Networking
2:00-4:30pm - Program
4:30-5:00pm - Open Discussion/Closing Remarks/Networking
Hosted by the North Carolina State University Industry Expansion Solutions
Wilson College of Textiles Building
1020 Main Campus Dr.
Raleigh, NC 27606
Meeting will be held in the Multipurpose Room. The Wilson College of Textiles is located on the NC State University Centennial Campus.
PRESENTERS:
Elizabeth Cole-Walker
Presentation Title: Don't Forget About Your Third-Party Vendors and Service Providers
This presentation will provide attendees with what their company needs to know about the influence third-party partners can have on their cybersecurity programs. It provides a high-level overview of how to identify all the third-party partners in scope and information on how to assess their risk impact. Some security assessment methodology will be covered to help companies understand what they can do to help support compliance documentation and provide assurance to their customers.
Bio: Elizabeth Cole-Walker, Information Security Specialist, NC State University, Office of Information Technology
Elizabeth is a proven security professional with over 10 years of demonstrated experience effectively resolving issues that influence information security. She enjoys helping organizations achieve meaningful transformation and integration of technical and business requirements to meet mission. As a member of the Security and Compliance team, she loves helping customers understand how to work more securely to meet their goals. She serves as a representative on the university’s Institutional Review Board for the protection of human subjects that participate is NC State research projects and is Chair of the Information Security Advisory Group’s Cybersecurity Awareness Team, a working group to assist the Office of Information Technology and the university in delivering awareness training to the university community. As part of a team developing a cybersecurity internship program and providing cybersecurity assessments support services to industry through a partnership with the Industry Expansion Solutions Program. Through this partnership, both North Carolina industry, and college graduate receive the resources necessary to be competitive in the 21st century.
When not working at NC State this “Doctor Who” fan enjoys supporting her community as a volunteer with Girl Scouts USA, the Information Systems Security Association, and her church. Her husband (Bryan) and two children keep her very busy. Because she loves nature so much, you may find her hiking the many beautiful NC State Parks and fishing their lakes and rivers.
Compliance Program Expertise: Controlled Unclassified Information, Gramm–Leach–Bliley Act, EU General Data Protection Regulation
Specializations: Data Management Framework, Policy, Governance, Information Security Training
Certifications: CERT Software Engineering Institute, Carnegie Mellon University, Insider Threat Program Manager
Contact Information: eacolewa@ncsu.edu
Laura Rodgers
Presentation Title: An overview of the new Cyber Maturity Model Certification (CMMC)
Bio: Business Development Professional, North Carolina Military Business Center (NCMBC)
Serving businesses statewide, Ms. Rodgers identifies contract opportunities, sources them for businesses across the state and provides one-on-one assistance to help businesses in the region compete for, win and grow jobs through federal contracts. As a member of the NCMBC’s business development team, Ms. Rodgers identifies future and current federal prime and subcontracting opportunities, identifies and notifies companies of these opportunities and provides one-on-one assistance to help companies bid on and win contracts. Specifically, Ms. Rodgers monitors contract opportunities from the Department of Energy, Defense Logistics Agency – Energy and Missile Fuels, as well as the Environmental Protection Agency, National Institute of Environmental Health Sciences and North Carolina National Guard.
Ms. Rodgers is responsible for working with North Carolina businesses in Wake, Lee, Chatham, Durham, Orange, Caswell, Person, Granville, Vance, Franklin and Warren counties that desire to do business with the federal government. In this capacity, Ms. Rodgers helps existing businesses to identify, bid on and compete for federal contracts.
Prior to joining the NCMBC, Ms. Rodgers was a Client Relations Manager at North Carolina State University Industry Expansion Solutions where she performed business and operations assessments with defense contractors in the aerospace industry and provided recommendations for improvement. Ms. Rodgers worked for Lockheed Martin on the MX and Titan Missile programs, and General Dynamics Information Technology on military training programs. During her time in the defense industry Ms. Rodgers held a variety of positions in business operations, training, compliance, quality management systems, business development and proposal preparation.
Laura holds a B.B.A. in Accounting and an M.B.A. from Oklahoma State University.
Ms. Rodgers’ office is located at Wake Technical Community College at the RTP Campus
Derek White, Beryllium & Carl Hill, Golden Technology Services
Presentation Title: How to implement a CMMC solution with Beryllium?
Bio: Derek White | Director of Business Development & Equity Partner at Beryllium InfoSec Collaborative
Derek has proven track record of developing, implementing and representing solutions across multiple industries. Derek has spent 15 years working with organizations to provide positive outcomes utilizing technology and subject matter expertise . In today’s cyber & information landscape, security is more than just “tech”, it’s about collaboration. As cyber threats evolve, so must cyber defense. Derek and his team help businesses achieve the required level of cyber maturity, by developing fully compliant solutions that require information technology (IT) and Security working together, not against each other, specifically to the benefit SMBs within the Defense Industrial Base.
When away from Beryllium, Derek can be found spending quality time with his wife and three children while out and about in their community. Derek has a B.A. in Communications from Saint Cloud State University.
Beryllium InfoSec Collaborative, is an information & cyber security firm located in Minneapolis, Minnesota. As a business owned by veterans, Beryllium was created by utilizing its experience and relationships in the marketplace, to develop solutions in the security space that are both cost effective and easily integrated. Our team is lead by NIST Subject Matter Experts who take businesses from paralyzed to empowered.
Bio: Carl Hill, President of Golden Technology Services, Inc (GTS)
Hill brings enlightenment and knowledge on the cyber threat landscape, changing the behavior through his presentation and security solutions. Recent Speaking engagements include "The Intersection of Cyber Security, Data Privacy, the Constitution and the Law"; "Cyber Security Finance Forum", "North Carolina Defense Business Association"; Women Business Center of Charlotte, NC"; "National Minority Supplier Development Council"; Security Innovation Networking Conference, Homeland Security Finance Forum and many others. His company offers innovative cyber security, cloud and Technology Support Services for all size businesses across multiple industry sectors with affordable solutions for small businesses.
Hill had a 28 year career with IBM and held multiple Executive positions, he started GTS in 2012 and has been a member of DANC (NCDBA) for 5 years.
TENTATIVE - Representatives from Boeing, Raytheon, USfalcon, Booz Allen Hamilton and other prime defense contractors have been invited to attend and discuss new opportunities and why some will require the new security posture.