Cybersecurity Maturity Model Certification (CMMC) at Glance > Who, What, When and How the program with impact contractors, subcontractor and agencies.
As cybersecurity threats increase in intensity and impact, the U.S. Department of Defense has created the Cybersecurity Maturity Model Certification (CMMC) and made it a requirement for all contractor and subcontractor that seeks to contract with the DOD.
DLT, a Tech Data company and Coalfire have partnered to help examine the intricate certification levels and controls to the Department of Defense's CMMC compliance, with additional details of the impact in management of workloads in the cloud. The Cybersecurity Maturity Model Certification (CMMC) will be a new requirement for all DoD contractors, replacing the self-attestation model and moving towards third party certification and compliance.
Sign up today.
Speakers
Mali Yared
Director, Cybersecurity and Privacy
Mali Yared joined Coalfire in November 2016 and is a Director within the Cyber Risk Advisory (CRA) department at Coalfire. Mali is responsible for driving revenue and growth expansion opportunities, leading teams/projects, managing client satisfaction, and employee recruitment/retention activities within CRA.
Leadership: Role
- Partnering and networking with government and industry leaders in developing standards and improving the holistic growth of risk based security and privacy initiatives leveraging industry frameworks such as NIST CSF, FFIEC, NY DFS, NIST SPs (800-53, 30, 37, 171, 161) DFARS, CMMC, ITAR, SOC, GLBA, FERPA, UK Cyber Essentials, PIPEDA, GDPR, CCPA
- Lead the growth in firm eminence through publishing and public speaking.
- Starting/growing the practice in response to industry and government regulations. Developing new practice portfolios, sales projections, market support required, staffing needs.
- Strategizing and implementing organization wide cyber risk solutions, small or large scale, leveraging short and long-term timelines to fit client threat landscape and budget.
- Continuously exploring and inventing better methodologies to meet client needs. Thoughtful and decisive team leadership experience with proven ability to build positive relationships; lead and motivate others, and foster followership and affiliation within Coalfire. Proven ability to achieve collaboration on a common vision and drive compelling value propositions for stakeholders.
Cybersecurity Role: Providing C-Suite and board level advisory support on key industry trends, threats and vulnerabilities. Record of achievement in leading the deployment of risk management strategies, developing information security policies, procedures, and control frameworks within the commercial and U.S. Government markets.
Privacy Role: Leading the growth of market space in Privacy initiatives including GLBA, GDPR, CCPA, LGPD, PIPEDA, and the various Sectoral Privacy Laws in the US. Working with industry partners such as the NIST Privacy Framework Group and the IAPP toward pioneering an effective and sustainable personal data protection approach that is geography and industry agnostic.
CMMC Role: Started the NIST 800-171 DFARS Practice. Currently lead for CMMC Advisory Services at Coalfire
Adam Salerno
Sr. Director, Cloud Solutions Engineering
Adam Salerno joined Coalfire in June 2009 and is a Sr. Director within the Solutions Engineering department. Adam is responsible for driving automation thought leadership and leading the Cloud Engineering team, a group of engineers that are trained in both compliance frameworks and implementing modular public cloud based solutions for our clients.
Leadership: Role Adam leads technically complex projects and has spent time focusing in cloud security, network architecture, and IT Compliance strategy. He also has a history in defense-in-depth solutions for hypervisors, storage, and mobile/wireless security.
Adam has spent 15 years of information technology and brings significant cyber experience in both commercial and public sector enterprises. An experienced technical leader, Adam is comfortable conversing with both technical engineers and C-level executives alike. Adam enjoys managing top talent engineers and architects that provide customer-centric advice and defense-in-depth security.
He has worked on projects relating to compliance frameworks such as PCI, HITRUST, NERC, FISMA, CJIS, FedRAMP, et al.
Don Maclean
Chief Cybersecurity Technologist, DLT, a Tech Data company
As Chief Cybersecurity Technologist for DLT, Don Maclean formulates and executes cybersecurity portfolio strategy, speaks and writes on security topics, and socializes his company's cybersecurity portfolio. Don has nearly 30 years' experience working with U.S. Federal agencies. Before joining DLT in 2015, Don managed security programs for numerous U.S. Federal clients, including DOJ, DOL, FAA, FBI, and the Treasury Department. This experience allowed him to work closely with the NIST Risk Management Framework featured in this article, and to understand its strengths and weaknesses. In addition to his CISSP, PMP, CEH, and CCSK certificates, Don's holds a B.A. in Music from Oberlin, an M.S. in Information Security from Brandeis Rabb School, and is nearing completion of his second Bachelor's in Mathematics. An avid musician, Don organizes a concert for charity every year, and has been known to compete in chess and Shogi (Japanese chess) tournaments, both in person and online.