As a Director with Cherry Bekaert Digital, Steve Holliday assists clients with improvement, helping organizations to use resources more effectively and efficiently, and to enable growth, by understanding the current state, identifying performance gaps and developing and executing improvement strategies.
Steve has 30 years of experience as an operations management, information technology, information security, and process improvement executive. His key skills include information technology, digital transformation, strategy and road mapping, systems thinking, operational analysis, risk management and leadership of change. Certified Lean Six Sigma Master Black Belt and Certified Information Security Manager (“CISM”).
Why Should I Care? Cybersecurity Maturity Model Certification (CMMC): DoD / Non-DoD
Whether part of the DoD Supply Chain, or not, the Cyber Maturity Model Certification, largely built upon NIST 800-171, provides a great framework for understanding your information security risk and intelligently putting solid NIST controls around them. CMMC compliance is a time based mandate for Tier 1 and Tier 2 suppliers in the DoD Supply Chain. There are plans to push it out farther, and even into all DoD procurement contracts. Could it have broader application? Possibly extending across government and into Industry to create one common language for security? If none of these, then it still makes a dog gone good framework for a company to build out the management of cyber risk with an eye on continuous improvement. Come learn more about CMMC.
Come see Steve at RVAsec! Register now.
As an Azure Networking Engineer, Thor Draper Jr works on the rapid response team that assists clients with immediate remediation of Infrastructure as a Service issues. Thor is also a cyber security instructor with Trilogy Education Services and has taught at cohorts held at universities across the country. His key skills are in information technology, information security, management, and sales. His passions lie in networking and relationship building.
Josh is the practice lead of Strategic Application Security Services at GuidePoint Security. He has 18 years of real world experience in developing applications and helping organizations across all sectors integrate security into their SDLC. Josh has worked extensively with financial services organizations helping to scale their large AppSec programs as the development organizations increasingly adopt Agile and DevOps. He is passionate about all things AppSec. In his free time, Josh enjoys hiking, playing guitar, and spending time with his wife and three children.
Jeff has been working in IT since 1998 and graduated from Virginia Commonwealth University (BS-IS 2012, MS-CISS 2014) and the SANS Technology Institute (PGC Ethical Hacking & Penetration Testing). Jeff also enjoys research and educating on Technical Information Security Topics including Network Security Monitoring and Advanced Persistent Threats. In addition to recently passing the CCSP exam, Jeff holds the CISSP, GCIH, GPEN, GWAPT, GXPN and VMware NSX: Micro-Segmentation certificates.
Yonatan Striem-Amit, CTO and Co-Founder of Cybereason, is a machine learning, big data analytics and visualization technology expert, with over a decade of experience applying analytics to security in the Israeli Defense Forces and Israeli Governmental Agencies. Prior to founding Cybereason, Mr. Striem-Amit headed the development for Watchdox, a leading DRM and SaaS security startup.
An engineer at heart, Evan works at Cloudflare with all of the software engineering teams on the systems and products they are building. the first security engineer hired at Cloudflare, and also worked at LastPass as a software engineer, and was the first security hire at Segment.