We Specialize in CMMC Assessments for DoD
We understand the natural apprehension people have about their CMMC certification assessment. You fear an invasive ‘gotcha!’ type of auditor. At KLC Consulting, our friendly, transparent, and collaborative assessment style alleviates that concern. Our assessment philosophy is to be the objective C3PAO that validates your demonstrated security practices. We ensure every assessment is conducted with professional empathy, clear communication, and a personal human approach, empowering you to demonstrate your security posture with confidence.
I found the knowledge and professionalism of the C3PAO (KLC Consulting) to meet the high standard I would expect of assessors working within their specialty. The assessment questions were probing, but fair. I will say that KLC Consulting did such a complete job in their interviews that there was little the DIBCAC team needed to add to the conversation at times. Great working with you, and thank you.
— Steve Bezreh, CISO Mercury Systems
KLC Consulting Assessors
Kyle Lai
President and CISO
Lead CMMC Certified Assessor (CCA)
Certified CMMC Professional (CCP)
Provisional Instructor (PI)
CISSP, CSSLP, CISA, CDPSE, CIPP/US, CIPP/G
ISO 27001 Lead Auditor
Read Bio
Nationally recognized as a DoD cybersecurity expert with over 20 years of experience in cyber and I.T., Kyle assesses and architects NIST 800-171 and CMMC compliance solutions for U.S. Defense Industrial Base (DIB) companies. He consulted as a security advisor to several Fortune 500 companies and the DoD. Kyle now specializes in developing cost-effective CMMC compliance solutions for: Manufacturers, Aerospace, Engineering, Software Development, and MSP/IT companies.
Kyle’s distinguished career includes consulting for high-profile clients like ExxonMobil, Zoom, DISA, Boeing, HP, Fidelity Investments, Microsoft, Akamai, and PwC. He served as the former CISO to Pactera (a Blackstone Portfolio Co.) and Brandeis University – Heller School. Kyle was also an operations manager for DISA Cybersecurity Portal (predecessor of public.cyber.mil – a department within the U.S. Department of Defense).
His broad cybersecurity expertise spans security strategy, policies, program management, vulnerability management, penetration testing, incident response, business continuity, regulatory compliance, application security, and third-party risk management.
Areas of Expertise:
- CMMC for Multiple CAGE Codes
- NIST 800-171 / CMMC (Cybersecurity Maturity Model Certification)
- IT Security Advisory
- Information Security Policy Development
- Third-party Vendor Security Risk Assessment
- Certification & Accreditation (C&A)
- Penetration Testing / Vulnerability Assessment
- Incident Response
- Business Continuity Planning (BCP)
- Cloud Security
- US, EU Privacy Regulations M&A Due Diligence Assessment
- Application Security (OWASP)
Kyle is a guest lecturer at Brown University’s Graduate Cybersecurity Program and Lone Star College’s Cybersecurity program where he also serves as an Advisory Board Member of the school’s Cybersecurity Bachelor of Applied Technology (BAT) degree program.
A cybersecurity entrepreneur at heart, Kyle is the creator of the ubiquitous SMAC MAC Address Changer software. Over 3 million users globally have come to rely on SMAC to test and address security and privacy issues. In addition, he is a member of InfraGard (FBI Sponsored), ISSA, AFCEA, OWASP, IAPP, Texas CISO Council and has past certifications in MCSE, DISA System Administrator II.
To learn more, visit LinkedIn
John Sciandra
Principal CMMC Assessor-Advisor
Lead CMMC Certified Assessor (CCA), CISSP
MS Computer Science/Information Security, JMU
U.S. Army ACERT CDAP-L3 Penetration Tester
U.S Army Incident Handler
Read Bio
As Principal CMMC Assessor-Advisor and a recognized leader in the CMMC ecosystem, John Sciandra is distinguished by a career dedicated to high-stakes, real-world defensive and offensive cyber operations. He brings a unique, adversarial mindset and wealth of experience to every KLC Consulting engagement, so clients can build defenses that can withstand sophisticated threats.
John’s foundation was forged through critical service with the U.S. government. This includes his role with the U.S. Army ACERT as a certified Level 3 Penetration Tester (CDAP-L3) and Incident Handler, where he was on the front lines of protecting the Army’s most sensitive networks and critical infrastructure. After retiring from the U.S. Army where he was an airborne paratrooper and national security level software developer, he transitioned to a position where he successfully rescued failing enterprise-level software projects.
Following this, he leveraged his skills as a Threat Hunter for the FBI, contributing to national security by analyzing and neutralizing Advanced Persistent Threats (APTs) targeting the defense supply chain and critical U.S. organizations.
His experience as a Penetration Tester with Lockheed Martin further cemented his expertise in securing complex, mission-critical systems and software within the Aerospace and Defense sector.A true innovation leader in the cyber community, John holds a patent for one of the first next-generation cyber ranges, showcasing his commitment to developing practical, measurable security training solutions.
This extensive operational and innovative background provides KLC Consulting clients with an assessor-advisor who not only validates compliance but strengthens their entire security posture with a Red Team perspective. He leverages his MS in Computer Science/Information Security from JMU and vast operational history to expertly conduct CMMC Level 2 assessments with the goal of transforming compliance into a durable competitive advantage.
To learn more, visit LinkedIn
Jeff Snyder
Lead CMMC Assessor
Lead CMMC Certified Assessor (CCA)
CISSP, CISM, ISSAP, CCSP
MS, Cybersecurity and Information Assurance
Read Bio
As a Lead CMMC Certified Assessor, Jeff Snyder brings more than a decade of hands-on cybersecurity and compliance experience across federal, defense, and commercial environments. He is known for his practical, evidence-driven approach to CMMC Level 2 assessments, helping organizations align people, processes, and technology to meet CMMC security objectives in a defensible and audit-ready manner.
Jeffery’s expertise is grounded in real-world assessment and operational experience. As a Lead Certified CMMC Assessor (LCCA), he has supported multiple organizations through successful CMMC Level 2 assessments, leading evidence walkthroughs, validating System Security Plans (SSPs), confirming assessment scope, and evaluating the sufficiency of technical artifacts, interviews, and demonstrations. His work emphasizes clarity, traceability, and assessor-grade documentation that stands up to scrutiny.
His foundation was built supporting high-security U.S. Air Force programs, including mission-critical and nuclear command and control environments. In these roles, Jeffery authored and maintained extensive security documentation, developed over a thousand security control policies, supported RMF-aligned assessments, and contributed to security operations for highly sensitive systems.
Earlier in his career, Jeff led cybersecurity and compliance initiatives for commercial organizations subject to HIPAA and PCI DSS, as well as classified and unclassified DoD networks during his service in the United States Coast Guard. His experience spans vulnerability management, incident response, identity and access management, and large-scale network modernization efforts.
This diverse operational and assessment background allows Jeff to function not only as an assessor, but as a strategic partner who helps organizations move beyond checkbox compliance. He leverages his Master’s degree in Cybersecurity and Information Assurance and extensive field experience to conduct CMMC assessments with the goal of turning compliance into a durable business and contractual advantages.
To learn more, visit LinkedIn
Will Clary
Lead CMMC Assessor
Lead CMMC Certified Assessor (CCA)
CISSP, CISM
MS, Cybersecurity and Government Contract
Procurement and Development
Read Bio
As a Lead CMMC Assessor at KLC Consulting, Will Clary brings over six years of specialized experience in cybersecurity compliance and the full CMMC assessment lifecycle for Department of Defense contractors. He is recognized for his hands-on expertise in conducting formal assessments for Organizations Seeking Certification and evaluating compliant programs that align people, processes, and technology against Level 2 requirements.
Most recently, Will served as CMMC Program Director, leading client engagements by developing governance packages, conducting gap analyses, and conducting mock assessments to prepare evidence for certification. He also played a pivotal role in helping his organization achieve C3PAO status, taught a college-level CMMC course at Rhode Island College, and stays current with evolving requirements to deliver practical, assessment-ready solutions.
Previously, as an Information Assurance Security Team Lead, Will managed a compliance team overseeing NIST RMF authorization packages and continuous monitoring for three U.S. Army and Air Force web applications. His leadership ensured 95% uptime with zero cybersecurity incidents through rigorous vulnerability scanning, integration of STIG, NIST, and ISO standards into development processes, and cross-functional policy coordination for government approvals.
A U.S. Navy veteran, Will served aboard the USS Theodore Roosevelt during Operation Inherent Resolve. He holds an M.S. in Cybersecurity from Norwich University and a degree from Clemson University, where he was a member of the cheerleading team.
At KLC Consulting, Will applies his deep operational and assessment experience to conduct rigorous, evidence-based assessments that not only achieve certification but also strengthen a client’s security posture. As a veteran, he knows cybersecurity protects human lives, forging a vital connection between the digital domain and the human stakes of national defense.
To learn more, visit LinkedIn
KLC Consulting Operations & Finance
Paul Casassa
Vice President
Read Bio
As Vice President, Paul serves as the first point of contact for Organizations Seeking Certification (OSCs) and the bridge between them and the complex Department of Defense requirements and CMMC assessment process. From initial consultation to final contract review, he ensures every engagement is structured with transparency and rigorous adherence to the professional standards mandated by The Cyber AB under the authority of the DoD.
Paul also oversees the firm’s financial and treasury operations, providing the fiscal oversight necessary for KLC Consulting’s sustainable growth. This operational focus extends to his role as head of marketing, where he guides the strategy to advance the firm’s reputation as a leading C3PAO and collaborative expert within the CMMC ecosystem.
His leadership is backed by decades of experience, including his tenure as the Chief Financial Officer of an international real estate development company and Director of Property Management for UMass Medical School. A graduate of Bentley University with a B.S. in Accountancy, Paul also holds an Executive Certificate from the MIT Sloan School of Management in Artificial Intelligence: Implications for Business Strategy.
To learn more, visit LinkedIn
Renee Precopio
Chief of Staff
Read Bio
Renee supports KLC Consulting’s Leadership Team in strategic decision-making to align with achieving business milestones across Sales, Marketing, Administration, and Assessment Operations. Inter-departmental synchronicity is a top priority, and she’s known for her keen ability to “bring order to chaos.” Renee streamlines communication channels for increased efficiency, transparency, and accountability across all initiatives, whether project management, meetings, staff coordination, program management, or data analytics.
With a Bachelor of Science degree in Psychology from Bridgewater State University, Renee has always led with a people-first mentality. She spent over seven years on product teams with the healthcare data industry. Renee’s strengths in organization and training led to her rise into impactful leadership positions. She nurtured and developed data team members of numerous backgrounds, ages, and abilities and managed vendor relations.
Renee has storied collaborations with Human Resource teams, acting as a driver for company-wide learning series, fostering cultural ties through clubs, and facilitating an integral component of all new hire onboarding efforts. It’s her mission to lend her expertise in people management, professional development, and collaboration to fuel KLCC’s warm and team-oriented culture.
To learn more, visit LinkedIn
Kaarin Jeanson
Accounting Manager
Read Bio
Kaarin Jeanson is the Accounting Manager at KLC Consulting, a critical position where she ensures the firm’s financial integrity and seamless client engagement lifecycle. Kaarin leverages her diverse background in her approach to corporate compliance and meticulous documentation. Kaarin manages client accounts from initial contract execution. Her precision and active collaboration with the leadership team are instrumental in guaranteeing the accuracy and timely completion of all client-related elements.
Our Expert Team is Dedicated to Your CMMC Success
At KLC Consulting, our collaborative professionals bring over 75 years of combined IT/Cyber experience to the table, serving a wide range of organizations, from publicly traded companies with complex CAGE Code hierarchies to small subcontractors. This breadth of experience gives us a deep understanding of the unique cybersecurity challenges faced by businesses of all sizes within the DoD supply chain.
As a C3PAO, KLC Consulting exclusively uses W2 lead and quality insurance assessors (CCA) for Level 2 Certification assessments, to ensure consistent quality and delivery under our philosophy of collaboration.
What Sets Us Apart
Transparent Communication – We provide clear, honest feedback on your security posture, highlighting strengths and gaps to empower your remediation efforts (though we cannot offer direct advice).
Expert Assessors – Our Cyber AB-authorized Lead CCAs bring deep CMMC expertise and tailored industry experience to every CMMC Level 2 assessment.
Unwavering Integrity – Unwavering Integrity – Our work is driven by a commitment to national security. We conduct fair, accurate, and objective assessments to help strengthen the defense industry through robust cybersecurity.
Our C3PAO Assessment Services
CMMC Level 2 Assessment
Lead CCAs execute the Level 2 audit (review, interview, test) and submit the official results to DOD eMASS.
Readiness “Mock” Assessment
A practice-run assessment to identify deficiencies to prepare you for your official Level 2 Certification Assessment.
Mock + Level 2 Discounted Bundle
Phased approach reduces the risk of a formal assessment failure, saving you time and the cost of a full re-assessment.
Annual Affirmation Attestation
Meet your annual SPRS Affirmation requirement with confidence through an independent C3PAO review.
Don’t Get Left on the Ground
With limited C3PAOs and a growing number of DIB companies requiring CMMC Level 2 certification, securing your assessment spot is crucial. Reserve your assessment with KLC Consulting today and avoid delays.
Feeling Overwhelmed by CMMC?
Download our essential guide to gain a clear roadmap through every phase of a CMMC Assessment. From foundational preparation and scope definition to navigating the assessment day and understanding post-audit requirements. Don’t leave your CMMC Level 2 success to chance.
