Don’t miss the Florida Cybersecurity and IT Service Provider Workshop on December 1. This workshop is co-hosted with the Florida Department of Economic Opportunity and FloridaMakes.
What will be Discussed?
We will focus on the recent updates to federal mandates for cybersecurity, including recent Executive Orders and focus on critical infrastructure, as well as recently announced changes to the Cybersecurity Maturity Model Certification Program (CMMC 2.0) for companies who do business with the Department of Defense (DoD). The recent Executive Orders have multiple implications for defense contractors and the cybersecurity and IT service providers who support them, including new requirements for “software bill of materials” and secure protocols for software development on behalf of government clients, as well as special provisions for protection of “critical infrastructure” across multiple sectors of the economy.
Likewise, the Defense Federal Acquisition Regulation Supplement (DFARS) sections 252.204-7012, 7019 and 7020 require contractors to self-assess and demonstrate progress toward implementation of the cybersecurity requirements outlined in NIST Special Publication 800-171, and report the status of their cybersecurity preparedness to the DoD via the Supplier Performance Risk System (SPRS). Many contractors across Florida have begun to address these requirements, and there are a number of lessons learned from the effort to identify progress toward implementation of these cybersecurity practices
The new updates to the CMMC model (CMMC 2.0) are intended to be cost-effective and affordable for small businesses in the defense industrial base, and the workshop will include a discussion of the updates to the DFARS and CMMC regulations and their implications, as well as an opportunity for providers to provide their own perspective on the proposed changes.
Whether your company is contracting directly with the Department of Defense as a prime contractor or a subcontractor, or a vendor providing services or products to the prime contractor or subcontractors, regardless of size, you and your clients will now have to be aware of these new changes and keep abreast of developments with these standards in the coming years. Awareness of the applicability of these new standards and need for compliance will be an essential requirement for those affected companies.
Who Should Attend?
Whether you are seeking a “best practices” approach to providing cybersecurity or will be required to meet the new federal cybersecurity standards, this series of educational offerings provide an ever-changing model for responding to real cybersecurity risks that seemingly involve all aspects of our society. Regardless of your profession (risk managers, safety professionals, HR professionals, company managers, IT specialists, attorneys, etc.) or whether you represent individuals or provide services or are a vendor for public or private corporate interests, this seminar will be of significant value to you. Cybersecurity has become a major part of any Risk Management program. Information security is not the sole concern of a company’s IT department; rather, it is “everyone’s problem” within the business and needs everyone’s attention. For those seeking updated technical information on the new cybersecurity requirements for the defense supply chain, information on the most recent developments and their applicability to industry will be presented.