An Overview of the Defense Department's CMMC Framework

The Defense Department has begun the implementation process for its Cybersecurity Maturity Model Certification Framework or CMMC Framework. The CMMC imposes strict cybersecurity requirements on over 350,000 Defense Department contractors and subcontractors, and the failure to satisfy those requirements can result contractors being fined or even barred from doing business with the DOD. Thankfully there is still plenty of time for contractors to comply with CMMC requirements and prepare for its mandatory audits.

This webinar will help ASIS members that are DOD contractors and subcontractors understand what their requirements might be and how they can meet them.

Learning Objectives

Upon completion, participants will be able to:

• Understand exactly what the CMMC is. Whether it applies to their business.
• Generally understand how to identify systems they will need to secure under the CMMC.
• Develop CMMC compliance budgets.
• Get a sense of changes that might be coming to the CMMC program.

Credit Information

Completion of this webinar is eligible for 1 CPE credit. CPE credits for ASIS-sponsored webinars will be updated in your user profile within 48 hours of completion. Self-reporting of CPE credits is not required.

Presenters*

Brian E. Finch
Partner Pillsbury
Winthrop Shaw Pittman LLP

Brian Finch is a partner in the Washington, DC office of Pillsbury Winthrop Shaw Pittman LLP, where he co-leads the firm's Cybersecurity and Data Privacy team. Brian regularly speaks and writes on security issues, and has written articles for the Wall Street Journal, Politico, The Hill, and other publications. Based in Washington, DC, Brian provides strategic legal counsel to companies from nearly every industry regarding regulatory issues, cyberattacks, national defense and intelligence policies, and homeland security concerns. His experience includes advocating for the American Gas Association, American Public Power Association, National Rural Electric Cooperative Association, and others regarding federal cybersecurity solutions to help reduce liability for exposure to cyberattacks He has helped more than 150 clients take advantage of SAFETY Act liability protections following terrorist or cyberattacks and has testified before the U.S. Congress regarding the Act's provisions. Brian advises on risk mitigation tactics, minimizing post-event negative consequences, and litigation strategies. He has also worked with the Departments of Defense and Health and Human Services on a variety of emergency medical preparedness matters, including weapons of mass destruction (WMD) and pandemic preparedness/response issues.

Michael Rizzo
Government Contracts & Disputes Practice Co-leader Pillsbury
Winthrop Shaw Pittman LLP

Michael Rizzo, Pillsbury's Government Contracts & Disputes practice co-leader, has represented energy, including natural gas clients, defense contractors, design/build firms, transportation and technology companies in multimillion-dollar, precedent-setting cases. A government contracts lawyer in Los Angeles, Michael regularly advises clients on cybersecurity compliance issues including compliance with the Cybersecurity Maturity Model Certification (CMMC) framework. He also prepares Contract Disputes Act certified claims; resolves contract disputes before the ASBCA, the CBCA, California federal and state courts, and in arbitration; and handles termination disputes at the federal, state and local government levels. He defends lawsuits filed under the Civil False Claims Act. He crafts comprehensive government contracts compliance programs designed to reduce clients' future exposure and legal expenditures. Additionally, Michael is experienced in handling internal investigations into quality assurance and pricing issues.

*Note: Speakers and content are subject to change without notice.