9:00 am Registration & Networking
Workshop A
10:00 am Overviewing Compliance Frameworks to Align with the Most Relevant Standards for Your Business
Synopsis
- Evaluating the alignment and key differences between key security frameworks, such as NIST, ISO, CISA, and CMMC, and their respective roles in shaping a cohesive and secure organizational environment
- Assessing the framework that is best suited to your business based on your organization’s size, sector, regulatory obligations, and minimal requirements required for complying with U.S. laws
- Weighing the trade-offs between different frameworks, including the ease of onboarding and ongoing maintenance
Workshop B
11:00 am Navigating the Current State of CMMC & Preparing Your Business for Organizational Adoption
Synopsis
- Breaking down CMMC’s current structure, levels, and recent updates to the framework
- Identifying the right time to adopt CMMC based on contract types, upcoming deadlines, and your organization’s federal work pipeline
- Supporting your subcontractors in obtaining CMMC certification to work with compliant partners, reduce vulnerabilities and strengthen overall cybersecurity resilience
12:00 pm Networking Lunch
Workshop C
1:00 pm CMMC Reality Check: What to Expect, How to Prepare, and What Not to Miss
Synopsis
- Understanding the differences between readiness groups
- Exploring how C3PAOs truly operate in practice and what to expect during a C3PAO audit
- Reviewing what key questions to ask before engaging a readiness group or C3PAO
- Looking beyond NIST 800-171 to address DFARS & NFO controls
Workshop D
2:00 pm Navigating the Internal Journey to CMMC Compliance to Secure Future Federal Opportunities
Synopsis
- Understanding the necessary steps to become CMMC compliant, from foundational compliance to project implementation
- Examining different ways to achieve CMMC compliance, including enhancing organizational standards, enlisting support from consultants, or creating specialized teams dedicated solely to federal contracts
- Sharing CMMC war stories to gain actionable strategies, avoid common mistakes and streamline compliance efforts to secure more federal contracts
3:00 pm Afternoon Break & Networking
Workshop E
3:30 pm Construction Threat Intelligence 2025: Defending Against Real-World Attacks with Risk-Based Prioritization
Synopsis
- Reviewing real-world attack paths impacting the construction industry today and how to identify which vulnerabilities pose the greatest risk to your operations
- Exploring how to integrate real-time threat intelligence with vulnerability exposure management to continuously close the gaps attackers are actively targeting
- Sharing practical strategies for building a threat-informed security program tailored to construction’s unique challenges