No More Alphabet Soup: Simple, Straightforward Answers to Your Questions About CMMC

In an era where cyber threats and data breaches are increasingly common, strengthening cybersecurity within the Defense Industrial Base (DIB) is more crucial than ever. To address this, the Department of Defense (DoD) has introduced the Cybersecurity Maturity Model Certification (CMMC), a comprehensive framework aimed at enhancing the protection of Federal Contract Information (FCI) and Controlled Unclassified Information (CUI).

The CMMC represents a unified standard of security practices, focusing on effectively implementing 110 security controls as outlined in the National Institute of Standards and Technology Special Publication 800-171 (NIST SP 800-171). This initiative marks a significant step in securing critical information within the defense sector.

In our webinar on Wednesday, January 24, 2024, Exostar hosted a panel of leading industry experts who delved into the intricacies of the CMMC. The session provided a comprehensive overview of the DoD's CMMC proposed rule, its current implications, and practical insights into navigating these new requirements.

Key Discussion Points:

  • In-depth analysis of the CMMC framework and its impact on the DIB
  • Expert perspectives on effectively implementing NIST SP 800-171 security controls
  • Interactive Q&A session addressing your specific concerns and queries about CMMC

If you missed the live discussion or have further questions about CMMC, we encourage you to view the recorded session, now available on our landing page. Stay informed and prepared as we navigate the evolving cybersecurity landscape in the defense sector.

 

Tools for Simplifying Compliance: Exostar's Ready Suite for CMMC

Exostar offers a comprehensive suite of tools to assist in achieving CMMC Maturity Level 2 compliance, including:

  • Exostar's Managed Microsoft 365: Safeguard your CUI and implement 85 of 110 NIST SP 800-171 controls in a Microsoft Teams environment
  • Certification Assistant: Complete your NIST/CMMC self-assessment and documentation
  • PolicyPro: Boost your SPRS score by documenting and optimizing required NIST policies using AI and templates
  • Basic Assessment Service: Provides third-party assessment and gap analysis.

The CMMC framework marks a significant shift in defense sector cybersecurity. Start your compliance journey, ensuring your organization stays competitive and secure in the defense supply chain.

Learn More

Our Speakers

Webinar_18-Oct-2023_Kyle-Headshot-New4

 

Kyle Lai

Kyle is the President and CISO at KLC Consulting, a certified 3rd Party Assessment Organization (C3PAO), which provides advisory, conducts assessments, and enhances the cybersecurity of the Defense industry supply chain. Kyle also serves on the board of the C3PAO Forum. 

With over 25 years of cybersecurity expertise, Kyle has served as an advisor to renowned organizations such as ExxonMobil, Zoom, DISA (U.S. DoD), Boeing, HP, and Microsoft. His qualifications include CMMC Certified Professional (CCP) and Certified Assessor (CCA) certifications and CISSP, CSSLP, CISA, CIPP/US/G, and ISO 27001 Lead Auditor credentials. Before starting KLC Consulting, Kyle was a CISO at a global I.T. company and Brandeis University – Heller School. Additionally, He was a U.S. DoD operations manager responsible for the cybersecurity training portal supporting the entire Department personnel. 
Ken Squires Headshot (3) (002)

 

Ken Squires

Kenneth is a Director at Sikich and leads the governance, risk and compliance team. With more than two decades of experience managing governance, risk and compliance initiatives, including serving as a virtual Chief Information Security Officer (vCISO) for several companies, Kenneth is able to offer clients unparalleled strategic guidance as they work to complete organizational cybersecurity objectives. He helps clients navigate complex compliance requirements related to a plethora of security standards, including NIST, HIPAA, GLBA, CMMC, SOX, PCI DSS, ISO 27001 and more.

Kenneth has a Bachelor of Science degree with a major in Information Security. He also is a Certified Information Systems Security Professional (CISSP), a Certified Information Security Auditor (CISA), Certified Data Privacy Solutions Engineer (CDPSE), Certified in Risk and Information Systems Control (CRISC), a HealthCare Information Security and Privacy Practitioner (HCISPP), certified in NSA INFOSEC Assessment Methodology (IAM) and an ISO 27001 Lead Auditor. United States Marine Corps Veteran
WaideJones-360x360

Waide Jones

Waide joined the management team of Exostar in mid-2015 as the Director of Information Security.  He became the Chief Information Security Officer in August of 2016.  In this capacity Waide directs the Exostar information security program to protect its information, assets, and customers.

Prior to joining Exostar, Waide spent 17 years of his career with Lockheed Martin where he held various technical and leadership roles.  He is an accomplished leader and IT security architect.  He has a proven ability to develop and execute cyber security initiatives that include people, process, and technology.  Waide is experienced in working with industry peers to influence change and create opportunities to better protect critical information from cyber threats wherever it resides.  His experiences range from program/team leadership, strategy development, cyber security risk management, supply chain cyber security, budget & financial planning, risk and vulnerability assessments, audit, IT architecture, secure system design, CIRT, forensics, and policy/standard development.

Waide holds a Master Degree in Telecommunications and a Bachelor Degree in Management Information Systems from George Mason University.  Waide has several certifications to include the Certified Information Systems Security Professional (CISSP).
image-1

 

Kevin Hancock

Kevin Hancock has over 20 years experience in secure collaboration with distributed teams and partners in highly regulated markets. He has led Sales Engineering, Customer Success, and Professional Services Teams across a broad technology spectrum including Agile Development and DevOps tools and practices; Zero Trust Networking; and Identity and Access Management just to name a few. Focusing on driving adoption, managing change, and helping customers learn, Kevin joined Exostar in May 2021 as Director, Sales Engineering.