THE OFFICIAL CONFERENCE OF THE CYBER AB

CMMC Ecosystem Summit + CMMC Implementation Conference

CMMC Ecosystem Summit +
CMMC Implementation Conference

Presented by CIC in Partnership with the Cyber AB
NOVEMBER 21-22, 2024
Gaylord National Resort & Convention Center, md
BECOME A SPONSOR

Explore the Progress and Challenges of CMMC

That’s why we created the CEIC conference.  We have carefully designed CEIC so it has something for everyone in the broader CMMC ecosystem!  Whether you are a CMMC novice looking for help getting started, a seasoned pro looking for advanced training, or a service provider who wants a sneak peek into next-generation solutions to help you more efficiently maintain CMMC-compliant environments at scale, CEIC East has something for everyone.  Join us November 21-22 to learn the latest updates on the CMMC program and much more!

The Venue

Gaylord National Resort & Convention Center
National Harbor, MD
Standing on the shores of the Potomac River, Gaylord National Resort & Convention Center offers convenient access to many of Maryland’s most beloved attractions, some of which are right under this hotel’s roof. From the 19-story glass atrium overlooking the river to fountain shows, distinct restaurants and signature seasonal attractions, you’ll experience it all. Cap off your night at the rooftop bar before unwinding in a spacious room or suite with views of the Potomac.
LEARN MORE

Now Accepting Sponsors

Limited quantities available. First come, first served basis.
SPONSOR NOW

OUR SPONSORS

OUR EXHIBITORS

APPLY TO BE A SPEAKER

Are you passionate about sharing your expertise and insights? We invite you to contribute to CEIC East by becoming a speaker!
Applications close July 1, 2024

APPLY NOW

SPEAKERS

Fernando Machado

Managing Principal & Chief Information Security Officer, Cybersec Investments

READ BIO

Fernando is the Managing Principal & Chief Information Security Officer for Cybersec Investments, an Authorized CMMC 3rd Party Assessment Organization (C3PAO) and Service-Disabled Veteran-Owned Small Business (SDVOSB). Fernando is an Iraq War Veteran, Certified CMMC Assessor (CCA), and Certified CMMC Professional (CCP). Fernando was a member of the CMMC Accreditation Body’s Standards Management Industry Working Group, which helped develop guidance on CMMC’s assessment criteria & scoping with over 17,000 volunteer hours. His contributions led to being formally recognized by the President of the United States with the President’s Volunteer Service Award.

Matt Titcombe

Founder, Peak InfoSec

READ BIO

As the founder of Peak InfoSec, Matt left the Federal government sector as an Air Force Program Manager to reapply his 25+ years of Information Security & Technology experience to the commercial sector. Matt now leads an organization that specializes in Information Security Turn Around efforts supporting federal and commercial sectors. Matt has been brought in to consult with organizations across the globe like United Launch Alliance, Sony, ConocoPhillips, and Munich Re-Insurance. His commitment to supporting the military and Defense Industrial Base did not stop when he left the Air Force. Matt is a recognized leader in the DoD’s new Cybersecurity Maturity Model Certification (CMMC). His leadership efforts led him to lead one of the first Authorized CMMC 3rd Party Assessor Organizations (C3PAO); being certified as a CMMC Provisional Assessor; volunteering on the CMMC Accreditation Body Industry Standards Working Group; and, as a Subject Matter Expert, helping several institutions develop CMMC training curricula.

Matthew Travis

Chief Executive Officer
Cyber Accreditation Body

READ BIO

Mr. Travis is the first chief executive officer of the Cyber Accreditation Body (the Cyber AB). Previously, Travis served as the first deputy director of the Cybersecurity and Infrastructure Security Agency (CISA), the nation’s leading civilian cybersecurity agency. There he oversaw the day-to-day operations of the $2+ billion, 2000+ employee organization across the full range of its mission in cybersecurity, infrastructure protections and emergency communications. Prior to this position, he was the deputy undersecretary for national protection (NPPD) within the Department of Homeland Security.

Before entering government service in 2018, Travis served as vice president of homeland security for Cadmus, a security, energy, and environmental professional services firm. He joined Cadmus when the security consultancy he co-founded, Obsidian Analysis, Inc., was acquired by Cadmus in 2016.

A former naval officer, Travis served as an engineering auxiliaries officer aboard the guided-missile frigate U.S.S. CARR (FFG 52). He then served a tour as White House Liaison to the Secretary of the Navy and was also a White House Military Aide. He is a 1991 graduate of the University of Notre Dame and holds a master’s in national security studies from Georgetown University. He has appeared on both CNN and MSNBC in providing analysis of cybersecurity and homeland security issues.

AGENDA INPUT

Share your topic ideas and help us create the best agenda yet.

SHARE YOUR IDEAS

DRAFT AGENDA

Agenda subject to change

Continuing Education Units are available and awarded based on individual attendance records for both in-person and virtual attendees. In-person attendees will be responsible for checking in to each session to ensure accurate records are made. While we make great efforts to ensure our conference sessions are informative, we cannot guarantee that all certificate-issuing organizations will accept credit for all sessions.  Please consult with your certificate-issuing organization for more details about their certification requirements.

Full Agenda
Day 1
Day 2
Day 1

8:00 AM EST

Registration and Breakfast
Day 1

9:00 AM EST

OPENING KEYNOTE
Annual Report on the CMMC Ecosystem

READ MORE

- State of the Industry
- What is new?
- What is coming?
Matthew Travis
Chief Executive Officer
Cyber Accreditation Body
Day 1

10:45 AM EST

GENERAL SESSION
The Importance of a Secure Supply Chain

READ MORE

Insert info here
DoD CIO or other High-Profile Speaker
Potentially Joined by Members of the Military with Actual Stories
Day 1

12:30 PM EST

Patriot's Lunch
Exhibit Hall
Day 1

2:00 PM EST

BREAKOUT SESSIONS
OSC Breakout 1
12 Steps to Compliance

READ MORE

  • Walk-through of what needs to happen before scheduling an official assessment
  • List of milestones
RPO Speaker TBD
Service Provider Breakout 1
The ESP (and other Service Providers) in 2024

READ MORE

  • Training for MSPs, MSSPs, and Consultants
  • Templating Your Practice – SOPs that Produce Artifacts and Evidence
  • Building Partnerships Between Service Providers – the rules and the benefits
LTP Rep, RPO Rep, C3PAO Rep, Cyber AB Rep TBD
Innovation Breakout 1
Practice Management that Works

READ MORE

  • Advertise, Engage, Qualify, Execute and Deliver – Best Practices
  • Protecting your Brand - Standardization Strategies
  • Building Quality Relationships with other Service Providers and CCAs
Speaker TBD
Day 1

3:30 PM EST

BREAKOUT SESSIONS
OSC Breakout 2
Documentation – Too Much, Too Little and Just Right

READ MORE

  • Examine: Evidence and Artifacts needed to validate a control
  • Interview: How to direct the assessor to the right interviewees and tips for the interviewee
  • Control Summaries
  • Objective Statements
  • Best Practices for keeping policies and procedures up-to-date
  • Reference Documents – what is needed and how frequently to refresh their content
Shared Session: TBD
Service Provider Breakout 2
Communicating with your Client

READ MORE

  • Kickoff – Setting Expectations 
  • RACI – Who Owns What? 
  • Project Updates 
  • Bad Guy or Good Guy?  Leading or Nagging to Ensure Evidence Creation Follow-Through 
Panel TBD
Innovation Breakout 2
The Real Threats in 2024

READ MORE

  • Social Engineering War Stories 
  • The Tricks of the Adversary 
  • The Evolution of our Defense 
Small Panel TBD
Day 1

4:30 PM EST

Happy Hour
Day 2

8:00 AM EST

Registration and Breakfast
Day 2

9:00 AM EST

BREAKOUT SESSIONS
OSC Breakout 3
Deep Dive on Two Controls – Start to Prepped

READ MORE

  • Assess, Document, Evidence -> Repeat 
  • Initial assessment of the control 
  • Document how the control is to be met 
  • Proving it with evidence 
Speaker: RPO TBD
Service Provider Breakout 3
ESP Participation by Control

READ MORE

  • Controls that you can’t do 
  • Control by Control Survey of typical ESP-Responsible Services 
  • Offloading Control Responsibilities to a CMMC Secure Cloud 
Speaker TBD
Innovation Breakout 3
AI – The Scary, The Useful, and The Wrong

READ MORE

  • The Scary – Unchecked convenience creates false confidence 
  • The Useful – How to use AI to get a start, or inspire improvement 
  • The Wrong – Findings, Reputation Risk and Breach 
Speaker TBD
Day 2

10:45 AM EST

BREAKOUT SESSIONS
OSC Breakout 4
Building a Culture of Evidence

READ MORE

  • The challenge of creating evidence regularly 
  • CMMC Benefits of SOPs to management and quality product delivery  
A facilitator and a successful OSC TBD
Service Provider Breakout 4
CUI – Comply or Die

READ MORE

  • Identifying 
  • Marking (And dealing with unmarked CUI) 
  • Tracking 
  • CUI Footprint and the Impact on Scope (And Assessment Cost) 
Speaker TBD
Innovation Breakout 4
Inheritance and SRMs

READ MORE

  • How to document it when it is “Someone Else’s Job”
Speaker TBD
Day 2

12:30 PM EST

Defender's Lunch
Exhibit Hall
Day 2

1:45 PM EST

Mock Assessment

READ MORE

  • Finding a C3PAO 
  • The kickoff 
  • Qualifying document review 
  • Interviews 
  • Tests 
  • Findings 
Panel TBD
C3PAO and a person representing OSC
Day 2

2:30 PM EST

End of Conference
Day 1

8:00 AM EST

Registration and Breakfast
Day 1

9:00 AM EST

OPENING KEYNOTE
Annual Report on the CMMC Ecosystem

READ MORE

- State of the Industry
- What is new?
- What is coming?
Matthew Travis
Chief Executive Officer
Cyber Accreditation Body
Day 1

10:45 AM EST

GENERAL SESSION
The Importance of a Secure Supply Chain

READ MORE

Insert info here
DoD CIO or other High-Profile Speaker
Potentially Joined by Members of the Military with Actual Stories
Day 1

12:30 PM EST

Patriot's Lunch
Exhibit Hall
Day 1

2:00 PM EST

BREAKOUT SESSIONS
OSC Breakout 1
12 Steps to Compliance

READ MORE

  • Walk-through of what needs to happen before scheduling an official assessment
  • List of milestones
RPO Speaker TBD
Service Provider Breakout 1
The ESP (and other Service Providers) in 2024

READ MORE

  • Training for MSPs, MSSPs, and Consultants
  • Templating Your Practice – SOPs that Produce Artifacts and Evidence
  • Building Partnerships Between Service Providers – the rules and the benefits
LTP Rep, RPO Rep, C3PAO Rep, Cyber AB Rep TBD
Innovation Breakout 1
Practice Management that Works

READ MORE

  • Advertise, Engage, Qualify, Execute and Deliver – Best Practices
  • Protecting your Brand - Standardization Strategies
  • Building Quality Relationships with other Service Providers and CCAs
Speaker TBD
Day 1

3:30 PM EST

BREAKOUT SESSIONS
OSC Breakout 2
Documentation – Too Much, Too Little and Just Right

READ MORE

  • Examine: Evidence and Artifacts needed to validate a control
  • Interview: How to direct the assessor to the right interviewees and tips for the interviewee
  • Control Summaries
  • Objective Statements
  • Best Practices for keeping policies and procedures up-to-date
  • Reference Documents – what is needed and how frequently to refresh their content
Shared Session: TBD
Service Provider Breakout 2
Communicating with your Client

READ MORE

  • Kickoff – Setting Expectations 
  • RACI – Who Owns What? 
  • Project Updates 
  • Bad Guy or Good Guy?  Leading or Nagging to Ensure Evidence Creation Follow-Through 
Panel TBD
Innovation Breakout 2
The Real Threats in 2024

READ MORE

  • Social Engineering War Stories 
  • The Tricks of the Adversary 
  • The Evolution of our Defense 
Small Panel TBD
Day 1

4:30 PM EST

Happy Hour
Day 2

8:00 AM EST

Registration and Breakfast
Day 2

9:00 AM EST

BREAKOUT SESSIONS
OSC Breakout 3
Deep Dive on Two Controls – Start to Prepped

READ MORE

  • Assess, Document, Evidence -> Repeat 
  • Initial assessment of the control 
  • Document how the control is to be met 
  • Proving it with evidence 
Speaker: RPO TBD
Service Provider Breakout 3
ESP Participation by Control

READ MORE

  • Controls that you can’t do 
  • Control by Control Survey of typical ESP-Responsible Services 
  • Offloading Control Responsibilities to a CMMC Secure Cloud 
Speaker TBD
Innovation Breakout 3
AI – The Scary, The Useful, and The Wrong

READ MORE

  • The Scary – Unchecked convenience creates false confidence 
  • The Useful – How to use AI to get a start, or inspire improvement 
  • The Wrong – Findings, Reputation Risk and Breach 
Speaker TBD
Day 2

10:45 AM EST

BREAKOUT SESSIONS
OSC Breakout 4
Building a Culture of Evidence

READ MORE

  • The challenge of creating evidence regularly 
  • CMMC Benefits of SOPs to management and quality product delivery  
A facilitator and a successful OSC TBD
Service Provider Breakout 4
CUI – Comply or Die

READ MORE

  • Identifying 
  • Marking (And dealing with unmarked CUI) 
  • Tracking 
  • CUI Footprint and the Impact on Scope (And Assessment Cost) 
Speaker TBD
Innovation Breakout 4
Inheritance and SRMs

READ MORE

  • How to document it when it is “Someone Else’s Job”
Speaker TBD
Day 2

12:30 PM EST

Defender's Lunch
Exhibit Hall
Day 2

1:45 PM EST

Mock Assessment

READ MORE

  • Finding a C3PAO 
  • The kickoff 
  • Qualifying document review 
  • Interviews 
  • Tests 
  • Findings 
Panel TBD
C3PAO and a person representing OSC
Day 2

2:30 PM EST

End of Conference
Day 1

8:00 AM EST

Registration and Breakfast
Day 1

9:00 AM EST

OPENING KEYNOTE
Annual Report on the CMMC Ecosystem

READ MORE

- State of the Industry
- What is new?
- What is coming?
Matthew Travis
Chief Executive Officer
Cyber Accreditation Body
Day 1

10:45 AM EST

GENERAL SESSION
The Importance of a Secure Supply Chain

READ MORE

Insert info here
DoD CIO or other High-Profile Speaker
Potentially Joined by Members of the Military with Actual Stories
Day 1

12:30 PM EST

Patriot's Lunch
Exhibit Hall
Day 1

2:00 PM EST

BREAKOUT SESSIONS
OSC Breakout 1
12 Steps to Compliance

READ MORE

  • Walk-through of what needs to happen before scheduling an official assessment
  • List of milestones
RPO Speaker TBD
Service Provider Breakout 1
The ESP (and other Service Providers) in 2024

READ MORE

  • Training for MSPs, MSSPs, and Consultants
  • Templating Your Practice – SOPs that Produce Artifacts and Evidence
  • Building Partnerships Between Service Providers – the rules and the benefits
LTP Rep, RPO Rep, C3PAO Rep, Cyber AB Rep TBD
Innovation Breakout 1
Practice Management that Works

READ MORE

  • Advertise, Engage, Qualify, Execute and Deliver – Best Practices
  • Protecting your Brand - Standardization Strategies
  • Building Quality Relationships with other Service Providers and CCAs
Speaker TBD
Day 1

3:30 PM EST

BREAKOUT SESSIONS
OSC Breakout 2
Documentation – Too Much, Too Little and Just Right

READ MORE

  • Examine: Evidence and Artifacts needed to validate a control
  • Interview: How to direct the assessor to the right interviewees and tips for the interviewee
  • Control Summaries
  • Objective Statements
  • Best Practices for keeping policies and procedures up-to-date
  • Reference Documents – what is needed and how frequently to refresh their content
Shared Session: TBD
Service Provider Breakout 2
Communicating with your Client

READ MORE

  • Kickoff – Setting Expectations 
  • RACI – Who Owns What? 
  • Project Updates 
  • Bad Guy or Good Guy?  Leading or Nagging to Ensure Evidence Creation Follow-Through 
Panel TBD
Innovation Breakout 2
The Real Threats in 2024

READ MORE

  • Social Engineering War Stories 
  • The Tricks of the Adversary 
  • The Evolution of our Defense 
Small Panel TBD
Day 1

4:30 PM EST

Happy Hour
Day 2

8:00 AM EST

Registration and Breakfast
Day 2

9:00 AM EST

BREAKOUT SESSIONS
OSC Breakout 3
Deep Dive on Two Controls – Start to Prepped

READ MORE

  • Assess, Document, Evidence -> Repeat 
  • Initial assessment of the control 
  • Document how the control is to be met 
  • Proving it with evidence 
Speaker: RPO TBD
Service Provider Breakout 3
ESP Participation by Control

READ MORE

  • Controls that you can’t do 
  • Control by Control Survey of typical ESP-Responsible Services 
  • Offloading Control Responsibilities to a CMMC Secure Cloud 
Speaker TBD
Innovation Breakout 3
AI – The Scary, The Useful, and The Wrong

READ MORE

  • The Scary – Unchecked convenience creates false confidence 
  • The Useful – How to use AI to get a start, or inspire improvement 
  • The Wrong – Findings, Reputation Risk and Breach 
Speaker TBD
Day 2
Day 2

10:45 AM EST

BREAKOUT SESSIONS
OSC Breakout 4
Building a Culture of Evidence

READ MORE

  • The challenge of creating evidence regularly 
  • CMMC Benefits of SOPs to management and quality product delivery  
A facilitator and a successful OSC TBD
Service Provider Breakout 4
CUI – Comply or Die

READ MORE

  • Identifying 
  • Marking (And dealing with unmarked CUI) 
  • Tracking 
  • CUI Footprint and the Impact on Scope (And Assessment Cost) 
Speaker TBD
Innovation Breakout 4
Inheritance and SRMs

READ MORE

  • How to document it when it is “Someone Else’s Job”
Speaker TBD
Day 2

12:30 PM EST

Defender's Lunch
Exhibit Hall
Day 2

1:45 PM EST

Mock Assessment

READ MORE

  • Finding a C3PAO 
  • The kickoff 
  • Qualifying document review 
  • Interviews 
  • Tests 
  • Findings 
Panel TBD
C3PAO and a person representing OSC
Day 2

2:30 PM EST

End of Conference

CMMC Speed-Dating for 2024. Bringing Expertise to Those in Need.

Efficiently matching DIB participants with the knowledge, expertise and C3PAOs they need to achieve CMMC certification.
LEARN MORE

CEIC EAST

a Production of ForumMakers.com

Highlights from the most recent Forum Makers event - CIC 2024.
  • "I'm really blown away by the number of individuals I've seen. A lot of people here are promoting themselves. They're here to see what's going on, to see how we're growing this ecosystem."
    Katherine "Kat" Adams
    Sr. Cybersecurity Consultant, Instructor
    Edwards Performance Solutions
  • "I've noticed that there seems to be a lot more productive conversation. One of the things that I really appreciate about the people that attend this event is that they're all trying to make each other stronger."
    Jon Bierer
    Sr. Compliance Consultant, C3 Integrated Solutions
  • "Really impressed with the attendance, really impressed with the different learning tracks, three different learning tracks this year. And so I'm kind of picking and choosing sessions across all three tracks."
    James Bowman
    Sr. Director, Federal Security Compliance SME
    Diligent

FAQ

What are the registration costs?

Where is CEIC being held?

CEIC 2024 will be held at the Gaylord National Harbor Resort & Convention Center in Maryland. Learn more.

What is the dress code for CEIC 2024?

Business Casual to Business Professional.

Is there a room block available for CEIC?

Save on your hotel by registering with our reserved room block! Click here:  https://book.passkey.com/go/CMMC2024
support@forummakers.com
(888) 800-4071
linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram