Dr. Thomas Graham and Robert Teague to Address CMMC Gap Assessments, Two of DIBCAC’s Most “Other Than Satisfied” Controls, and How Aero-Glen Successfully Satisfied Joint Surveillance Requirements
AUSTIN, TX (January 12, 2023) – Redspin, a division of Clearwater and the first organization authorized as a Cybersecurity Maturity Model Certification (CMMC) Third-Party Assessment Organization (C3PAO), announced today that two of its thought leaders will present in multiple sessions at the upcoming CMMC Implementation Conference 2023 (CIC 2023) taking place at the University of San Diego, January 18-20.
Focused on helping attendees understand the steps they need to take to prepare for CMMC implementation, CIC 2023 features industry-leading vendors and service providers who have the experience and expertise to help organizations meet regulatory requirements for serving as Defense Industrial Base (DIB) contractors. As a partner to leading companies such as Aero-Glen International, which recently became the first company to pass the DIBCAC/C3PAO Joint Surveillance Voluntary Assessment Program (JSVAP), and as the first authorized C3PAO, Redspin is uniquely qualified to educate DIB contractors on how to prepare for the CMMC assessment process that will go into effect once rulemaking is complete.
On Thursday, January 19, from 3-4 pm, Dr. Thomas Graham, Chief Information Security Officer for Redspin, and Robert Teague, CMMC Certified Assessor (CCA) and Sr. Manager of CMMC Services for Redspin, will present “CMMC Workflow: Pre-Kickoff to Done”. The presentation will share real-life experiences from Redspin’s own CMMC journey. Redspin’s experts will address how to conduct a CMMC Gap Assessment by looking at the individual objective evidence requirements, best practices for creation and prioritization of a project plan, and the top 10 most “Not Met” items.
On January 20, from 9-10 am, Dr. Graham and Mr. Teague will participate in a leadership panel titled “Tales from the Trenches: How Aero-Glen Successfully Satisfied DIBCAC/C3PAO Joint Surveillance Req’s”. Aero-Glen International is the first small business to meet the requirements to be CMMC certified once the final rule is in place, having successfully passed a Joint Surveillance Voluntary Assessment Program (JSVAP) conducted by DIBCAC and Redspin. This panel discussion will address JSVAP hurdles, the costs of the assessment, how to gain organizational buy-in, and the benefits of volunteering for a JSVAP early on.
On January 20th, from 10-10:30 am, Dr. Graham will present a “Quick Hits” session addressing DIBCAC’s #3 Most “Other than Satisfied” Control. During the presentation, Dr. Graham will discuss how to implement identification of the internal time requirements and reporting mechanisms based on vulnerability management, and how to properly identify that flaws have been addressed.
Later on January 20th, from 11:30 am-12:00 pm, Mr. Teague, will present another “Quick Hits” session addressing the #1 Most “Not Met” Control. During the session, Mr. Teague will examine NIST SP 800-171 control 3.1.11: “Terminate (automatically) a user session after a defined condition” and will explain how to configure systems to properly meet requirements.
Redspin will be sponsoring lunch for attendees on Thursday, January 19th. Several other Redspin CMMC expert representatives will be attending the conference, including Redspin’s General Manager, Brian McManamon, and its VP of Sales, Jeremy Mares, who will be available to speak with Organizations Seeking Certification (OSCs) about how Redspin helps organizations in highly regulated industries improve cyber readiness and resiliency through strategic and proven programs.
Redspin is a division of cybersecurity and compliance company Clearwater, which focuses on improving the cyber readiness and resiliency of Defense Industrial Base (DIB) organizations. As the first authorized C3PAO for CMMC, Redspin has the expertise and resources to help DIB organizations to minimize cyber risks and protect sensitive information.