What Information will be Discussed?
DAY 1 – September 16
Participants will receive a comprehensive look at the increased emphasis on cybersecurity in response to numerous reported cyber breaches that are occurring in our nation. Beginning first with the “basics” of cybersecurity, presenters will define cybersecurity, the importance of being concerned about protecting data both from an individual and corporate basis, who are the “bad guys” and how to recognize when a breach is occurring or has occurred. A simulated breach will be demonstrated. The prevention of cyber breaches and negative consequences will also be discussed.
Understanding the need for cybersecurity on a national and international level is best explained by Senator Marco Rubio in his keynote address during the lunch session. In his position in the U.S. Senate, Senator Rubio is fully aware of the extremely important need for a robust cybersecurity emphasis for national and international security/defense reasons. His presentation will be followed by representatives of leading industries concerned with major initiatives to prevent any cyber breach and the dramatic consequences on the total infrastructure of the nation, i.e., a breach that could close all ports in America, dismantle energy sources, hinder or stop communications, prevent coordination of military protections or otherwise disrupt the basic economy of our nation—situations that are akin to what the American public has experienced recently.
DAY 2 – September 17
We will focus on the new federally mandated Cybersecurity Maturity Model Certification Program (CMMC) set to become effective starting in 2020 for companies who do business with the DoD. The intent of the CMMC is to combine various current cybersecurity standards into one unified standard for cybersecurity. The CMMC will also measure the maturity of a company’s cybersecurity practices and processes through an independent auditing process. It will serve as a framework to protect sensitive unclassified information under the control of a DoD Contractor. This discussion will be brought to attendees by the authors and consultants of the standards themselves. Katie Arrington, CISO to the Secretary of Defense for Acquisition, will explain the overall intent of the new standards and will lead the national effort to ensure compliance by a broad base of industry defined as those companies that are a part of the defense industrial supply chain.
Whether your company is contracting directly with the Department of Defense as a prime contractor or a subcontractor, or vendor providing services or products to the prime contractor or subcontractors, regardless of size, your company will now have to be audited and certified as compliant with these new standards. Specifically designed to be cost-effective and affordable for small businesses, these new CMMC Standards will be described in detail with timelines for compliance by members of the commission that actually drafted the standards. Without compliance of these new standards, companies will soon realize that they are precluded from providing services and products that possibly were a mainstay in their profitability in the past. Awareness of the applicability of these new standards and need for compliance will be an essential requirement for those affected companies.
Who Should Attend?
Whether you are seeking a “best practices” approach to providing cybersecurity or will be required to meet the new federally mandated standards, this series of educational offerings provide an ever-changing model for responding to real cybersecurity risks that seemingly involve all aspects of our society. Regardless of your profession (risk managers, safety professionals, HR professionals, company managers, IT specialists, attorneys, etc.) or whether you represent individuals or provide services or are a vendor for public or private corporate interests, this seminar will be of significant value to you. Cybersecurity has become a major part of any Risk Management program. It is not for the sole concern of a company’s IT department; rather, it is “everyone’s problem” within the business and needs everyone’s attention. For those seeking updated technical information on the new defense “supply chain” mandatory cybersecurity requirements, professionals responsible for their development and use by industry will be presented.