Business Communication

Phoenix TS Took To San Diego For CIC 2023: Highlights From The Conference And What Comes Next

March 22, 2023

Sean McKay

Workshops. Discussions. Problem-solving. CIC 2023 was an energizing experience for all of us at Phoenix TS. This was a group effort many years in the making. From inception in 2019 to now, we have come so far in helping the DoD and businesses all over the United States in compliance with cybersecurity best practices. This conference was a culmination of all we’ve accomplished in collaboration with our partners and a stepping stone into the future. We all came together at the CIC 2023 with one goal, as cyber warriors working to protect the supply chain. We shared and workshopped our thoughts and ideas. And now, post-CIC 2023, it’s time for action. 

The CMMC IMPLEMENTATION CONFERENCE (CIC) was held at the University of San Diego on January 18, 2023 – January 20, 2023. Phoenix TS was a gold sponsor for CIC 2023 and hit the West Coast to lead a 3-day pre-conference training event that prepared professionals for the CCA (Certified CMMC Assessor) exam. The CCA exam verifies a candidate’s readiness to perform as an effective Certified Assessor of Organizations Seeking Certification (OSC) at CMMC Level 2. A passing score on this exam is a prerequisite to the Certified CMMC Lead Assessor certification. Model documents and supporting reference material will be provided to students during the CCA exam. 

Are you ready for some highlights from CIC 2023?

CIC 2023 attendees had the privilege of learning from Katie Arrington, owner of LD Innovations and the Mother of CMMC on Thursday during the Government Contractor (OSC) Track, sponsored by the MNS Group. Led by Ms. Arrington, Introducing CMMC to the Organization session provided eager conferencegoers with tools, tips, and techniques for successfully leading the culture change necessary to protect the government’s sensitive but unclassified information and win more contracts. 

Ben Tchoubineh sat down with Ms. Arrington to discuss how the vision of CMMC became reality. In this interview, Ms. Arrington gives us a history of how CMMC came to be and how important it is for the functioning, security, and ultimate success of all businesses. She says “CMMC started just with the DoD but it has far more reaching capability in every industry in every sector in the U.S…because everything has cyber in it now.” She goes on to stress that “Cyber compliance is the thing that holds us all together.”

CIC 2023 attendees also had the opportunity to experience a complementary session with FutureFeed CEO Mark Berman. As observers of the industry and its users, FutureFeed is in a perfect position to provide tips and tricks for the software platform as well as how it is used.  This 3-hour session dissected the platform, and the strategy inherent in the design, and provided insight as to the future.

Mr. Tchoubineh interviewed Mr. Berman for his insight into CMMC Compliance. In this interview, Mr. Berman talks about how everybody has good ideas and that this conference was a place to bring these good ideas so we can continue to figure out how to improve cybersecurity in our supply chain. He explained that CIC 2023 was a safe place to say “I don’t know” or “I have a different way of looking at it” and that it takes all of us coming together to learn from each other. 

He states that his company Future Feed is a compliance tool and that compliance can be used to improve all aspects of a company. He says “Let’s not talk about how to secure the supply chain, let’s do something about it.”

Another highlight was Amy Starzynski’s CMMC in Higher Education session, a great example of how CMMC has a much farther reach than just the DoD. Starzynski Coddens talks about CMMC Compliance for Higher Education with Mr. Tchoubineh here

 Starzynski Coddens’ session provided insight into how when it comes to the United States Department of Defense’s CMMC program, and even the handling of potential Controlled Unclassified Information (“CUI”) in general, Higher Education Institutions (“HEIs”) face unique challenges. Most HEIs are set up to openly share information since the sharing of information is the cornerstone of innovation and learning. However, open information sharing is antithetical to fundamental concepts in the U.S. National Archives and Records Administration’s CUI program, and in particular in the National Institute of Standards and Technology (NIST)’s Special Publication 800-171. At the same time, the DoD and other government agencies need help from academia, and researchers rely on funding from government agencies to further their research. So, how does an HEI deal with this conundrum?

Attendees of the “CMMC in Higher Education” session had the chance to learn from Amy Starzynski Coddens and Jason Pufahl, two highly experienced cybersecurity practitioners who are intimately familiar with HEIs.  

While this session focused on HEIs, there are aspects of the HEI environments that are similar to other nonprofit and even commercial entities, and the lessons learned were beneficial to most organizations.

Anyone doing business with the DoD must be CMMC compliant when the rules change. You work hard to get those DoD contracts. Don’t lose them to non-compliance. Phoenix TS is a certified Licensed Training Provider (LTP) through The Cyber AB. If you did not make it to San Diego in January, fear not. Phoenix TS has several CMMC courses available, both online and in-person, for those needing CMMC certification training. Check out our CCA training courses, offered once monthly. Phoenix TS also provides several sessions of instructor-led Certified CMMC Professional (CCP) training and certification boot camp in Washington, DC Metro, Columbia, MD, or Live Online that provides the knowledge required for the CMMC-AB Certified CMMC Professional (CCP) certification. With CMMC compliance soon to be mandated for all government contractors, and compliance taking six months to complete, don’t wait to register for one of these programs before they all fill up.

subscribe by email

Stay Ahead

Phoenix TS needs the contact information you provide to us to contact you about our products and services. You may unsubscribe from these communications at anytime. For information on how to unsubscribe, as well as our privacy practices and commitment to protecting your privacy, check out our Privacy Policy.