Everything You Wanted to Know About CMMC Preparedness
Stacy Bostjanick, Director of CMMC Policy, OUSD A&S, DoD
Mike Raeder, former Deputy CISO, Director Information Security, Northrop Grumman
Presenter: Alise Brzezinski, Practice Lead CMMC, Fortalice Solutions
Join us for a presentation followed by round table discussion on best practices for CMMC certification. Learn what companies must do to achieve Level 3, what to expect from the audit process, how to apply your efforts in NIST 800-171 compliance to CMMC, and more.
- Understanding of pending CMMC requirements
- Key timelines in an ever changing and new program
- Guidelines to enhance your System Security Plan (SSP)
- Strategy to update the POA&M and prove CMMC compliance
- Best methods to achieve CMMC readiness Level 3
The Defense Industrial Base (DIB) has always been an exclusive club for government contractors and subcontractors. Consider the new Cybersecurity Maturity Model Certification (CMMC) the price of admission.
Up to this point, it was acceptable to list your companies’ control gaps in a prioritized Plan of Action & Milestones (POA&M) and submit to the Department of Defense (DOD) to be evaluated as an authorized contractor. With the implementation of CMMC, you must now take your list of risks and implement mitigation strategies to prove you are a viable contractor. Proof of control compliance is key.
About the Speakers
Alise Brzezinski has over fifteen years of information technology and business management consulting experience in the financial, healthcare, and government sectors. Serving multiple roles throughout her career, Alise has managed multiple IT security audit and systems development analysis projects, led large-scale implementations in a project management lead capacity, and has served in director positions with specific knowledge in: secure application design and development; system requirements gathering and business process re-engineering, systems security/ risk analysis; and gap analysis of regulatory requirements ranging from data protection to privacy, including but not limited to: HIPAA, PCI, GDPR, CCPA, CMMC.
Michael Raeder is a senior technology leader with over 20 years of experience in system and network architecture, governance, information security and enterprise strategy. Most recently Mike was the Deputy Chief Information Security Office and Director of Information Security at Northrop Grumman Corporation, where he was responsible for enterprise wide identity and access solutions, PKI platforms, information security financial management and cyber awareness programs. In this role, Mike had the opportunity to collaborate with industry and government partners on cyber regulatory efforts such as NIST 800-171 and the Cybersecurity Maturity Model Certification (CMMC). Prior to joining Northrop Grumman, Mike served as a Senior Director for Cyber Security Services and CISO at Orbital ATK, Senior Director of Information Technology for Digital Signal Corporation, and had multiple IT leadership roles at Blackboard Inc. Mike holds a Bachelor’s degree from George Mason University and an MBA from the University of North Carolina at Chapel Hill.
Stacy Bostjanick is currently serving as the OUSD A&S, Director of Cybersecurity Maturity Model Certification (CMMC) Policy. In this role, she is responsible for managing the initiation of the CMMC program and is responsible for establishing all Policy and Procedures with regard to the CMMC.
Previously, she served as the DIA, Head of Contracting Activity in which she was responsible for planning, managing, directing and accomplishing the total DIA procurement program. Ms. Bostjanick has also worked as a Senior Contracting Officer for the Missile Defense Agency on the Standard Missile 3 Block IA and IB development and production program. She was responsible for cradle-to-grave execution of over $5 billion of highly-complex, cutting-edge contracts for our nation’s missile defense systems. Ms. Bostjanick has also served as the Deputy Procurement Executive with the Office of the Director of National Intelligence where she had responsibility for establishing Intelligence Community Enterprise-wide Policy and submissions to the Program Management Plan on an annual basis.
Ms. Bostjanick has had numerous awards and accomplishments throughout her career including the Naval Meritorious Civilian Service Award, David Packard Excellence in Acquisition Award, Office of the Secretary of Defense Certificate of Appreciation, the Director of National Intelligence Award for Collaboration Leadership, National Intelligence Meritorious Citation, and the Small Business Award.