CMMC IMPLEMENTATION CONFERENCE 2024

Thank You!

Please click on your file name to automatically download to your computer.

  1. Secure Agile and DevOps SDLC Practices.docx 
    This document provides a comprehensive guide to implementing Secure Agile and DevOps Software Development Lifecycle (SDLC) practices within a company. It is designed to integrate security seamlessly into our fast-paced and collaborative development and operations environment, ensuring the production of secure and resilient software.
  2. Secure Software Design Principles.docx
    The “Secure Software Design Principles” outlined in this document provide a foundational framework to ensure the security integrity of software products from conception through deployment and beyond. Adhering to these principles protects your systems against cybersecurity threats and safeguards your data, customers, and reputation.
  3. Secure API Design Practices.docx
    The “Secure API Design Practices” template is developed to integrate robust security measures into our API development process, ensuring the protection of sensitive data and systems. This document provides detailed practices to guide our teams in creating secure and efficient APIs.
  4. Secure System and Architecture Design Principles.docx
    This document integrates systems security engineering principles into a company’s system development, enhancement, and maintenance lifecycle. It aims to create inherently secure, resilient, and trustworthy systems.
  5. CMMC Requirements for Software Developers.xlsx
    This is a list of CMMC / NIST 800-171 requirements that, based on the CMMC Assessment Guide, most likely apply to your custom software/applications. 
  6. Assessing Software Developers For CMMC Level 2 Certification (pdf)

Kyle Lai

Kyle is the President and CISO at KLC Consulting, a certified 3rd Party Assessment Organization (C3PAO), which provides advisory, conducts assessments, and enhances the cybersecurity of the Defense industry supply chain. Kyle also serves on the board of the C3PAO Forum. 

With over 25 years of cybersecurity expertise, Kyle has served as an advisor to renowned organizations such as ExxonMobil, Zoom, DISA (U.S. DoD), Boeing, HP, and Microsoft. His qualifications include CMMC Certified Professional (CCP) and Certified Assessor (CCA) certifications and CISSP, CSSLP, CISA, CIPP/US/G, and ISO 27001 Lead Auditor credentials. Before starting KLC Consulting, Kyle was a CISO at a global I.T. company and Brandeis.

Not sure where to start with your CMMC compliance program? You’re not alone! Whether you need CMMC consulting or assessment services, we are here to help. Let’s get the conversation started with a complimentary question and answer session.
