Wednesday, September 14th, 2022 | 1:15 PM – 3:15 PM CDT
Join our free webinar with CMMC Director, Stacy Bostjanick, for the latest program updates and additional round table discussions with our sponsoring firms.
Hosted by Digital Hands, Gray Analytics, Kratos Defense & Security Solutions, Redstone Government Consulting, and Simple Helix.
Agenda
1:15 PM | Welcome & Introductions
1:30 PM | Keynote Speaker: Stacy Bostjanick
1:45 PM | CMMC Q&A: Stacy Bostjanick
2:05 PM | Round Table: Trends for Small Businesses
  – Secure enclave or not?
  – VDI Architecture and Secure Enclaves
  – Utilizing CSPs and MSSPs
2:25 PM | Round Table: Contracting & Enforcement
  – Voluntary Assessments
  – Civil Cyber Fraud Initiative
  – DCMA Surveillance and the June 16 DFARS Memo
2:45 PM | Round Table: Compliant Supply Chain
  – FedRAMP Reciprocity
  – Vendor Evaluation
  – Required Flowdowns
3:00 PM | Closing
Speaker: Stacy Bostjanick, Chief of Implementation & Policy, Office of the DoD CIO
Ms. Stacy Bostjanick is a member of the Senior Executive Service and serves as the Chief of Implementation and Policy, Deputy Chief Information Officer for Cybersecurity (DCIO(CS)), Office of the Chief Information Officer. In this position, she serves as the focal point within the DoD CIO to implement the Cybersecurity Maturity Model Certification (CMMC) program across the Defense Industrial Base (DIB).
As the CMMC Director, Ms. Bostjanick is responsible for shepherding this critical program through the Code of Federal Regulation System rulemaking process for both the CFR 32 and 48 and ultimately implementing the program across the more than 220,000 companies that make up the DIB. This includes collaborating across the Federal Government with partners such as the Department of Homeland Security and the other members of the Federal Acquisition Security Council, to standardize this process and truly federalize it. In this role, she also directs the Department’s efforts to educate DIB partners on programmatic requirements and ensures that DoD implements risk information sharing through the program’s execution. Additionally, Ms. Bostjanick is responsible for ensuring the Defense Acquisition community is trained and capable of including these requirements in their Programs and Acquisitions.
Prior to joining the CIO, Ms. Bostjanick served as the Director of SCRM for OCISO(A&S), where she was responsible for ensuring the incorporation of integrated supply chain efforts within USD(A&S). Ms. Bostjanick has an extensive career as an Acquisition Professional with roles that include the head of DIA’s Contracting Activity, and the Senior Contracting Officer for the Missile Defense Agency on the Standard Missile 3 Block IA and IB development and production program. She was responsible for cradle-to-grave execution of over $5 billion of highly-complex, cutting-edge contracts for our nation’s missile defense systems. Ms. Bostjanick has also served as the Deputy Procurement Executive with the Office of the Director of National Intelligence where she had responsibility for establishing Intelligence Community Enterprise-wide Policy and submissions to the Program Management Plan on an annual basis.
Ms. Bostjanick has had numerous awards and accomplishments throughout her career including the Naval Meritorious Civilian Service Award, David Packard Excellence in Acquisition Award, Office of the Secretary of Defense Certificate of Appreciation, the Director of National Intelligence Award for Collaboration Leadership, National Intelligence Meritorious Citation, and the Small Business Award.
Sponsoring Firms
In a world filled with complex threats, Gray Analytics brings clarity to the critical mission of cybersecurity. As a cybersecurity risk management company, we provide best-practice services across a broad spectrum of cyber scenarios, from Hypersonics Engineering to Enterprise Cybersecurity, for both government and commercial customers.
We start by helping you define your biggest threats, with proven follow-through for managing and defending critical ecosystems. And for government contractors we offer CMMC 2.0, NIST, and RMF Compliance support that is second to none.
Cybersecurity can seem like one big gray area. At Gray Analytics, we’ve got that covered.
We offer a variety of services for large and small government contractors including evaluation, education and training, monitoring and DCAA audit preparation. Through our consulting and training programs, government contractors develop and learn to maintain compliance processes that help them succeed by mitigating risk and maximizing profitability.
Simple Helix is an IT Services provider and Tier III Data Center headquartered in Huntsville, AL. We provide businesses with data center, fiber-connectivity and bandwidth, cloud, managed IT, and security services. We also offer compliance solutions for CMMC, ITAR, and more.
Within the cybersecurity/warfare space, Kratos serves as a trusted advisor, supporting commercial companies and agencies through a full life cycle of system design, control implementation, and risk management processes. Most recently, Kratos was authorized as a CMMC Certified Third-Party Assessment Organization (C3PAO). Additionally, Kratos has years of robust compliance and certification experience with government and commercial standards and compliance frameworks requirements. In addition to being a C3PAO, Kratos was one of the first and largest Federal Risk and Authorization Management Program (FedRAMP) Third Party Assessment Organizations (3PAO). Kratos’ compliance experience also includes Payment Card Industry (PCI), Federal Information Security Management Act (FISMA) and the National Institute of Standards & Technology (NIST)/Risk Management Framework (RMF). Kratos is viewed as a trusted compliance and governance partner by the DoD, Federal Civilian Agencies, Intelligence Community (IC), and commercial organizations.
Kratos is prepared to offer Advisory or Assessment services. Assessment services include scoping analyses, readiness assessments, penetration testing, and continuous monitoring. Advisory services include gap assessments, documentation, and process and engineering consulting services.
For more information, go to www.kratosdefense.com/cyber.