CMMC MIDWEST CONFERENCE MAY 1-2, 2025

DERRICH PHILLIPS

President & Founder, Aspire Cyber

Derrich is a Certified CMMC Assessor (CCA) and CMMC Provisional Instructor (PI) with over 20 years of cybersecurity experience. Prior to founding Aspire Cyber, Derrich served as a Cyber Network Defender in the U.S. Army and held various high-level cybersecurity positions at companies such as Lockheed Martin, Hewlett-Packard Enterprise, and Bank of America.

KOREN WISE

Owner, Wise Technical Innovations

Koren is a Certified CMMC Assessor, Provisional Instructor, and the CEO of Wise Technical Innovations in Norfolk, VA. She has participated in the Joint Surveillance Voluntary Assessment Program as both assessor and implementor. She recently created the compliance program and GCCH Azure Gov enclave for Jaco Aerospace, leading them to the JSVA where they scored the perfect “110”.

WTI is a Licensed Training Provider for Cyber AB.  WTI is awarded on the GSA HACS schedule for High Value Assessments, Risk and Vulnerability Assessment, Cyber Hunt, Incident Response, and Penetration Testing.

Koren is qualified by the Department of Homeland Security/CISA as Lead Assessor for High Value Asset, Cyber Resiliency Review, and External Dependency Management Assessment Program.

Koren specializes in standing up cybersecurity programs within organizations to meet applicable NIST controls or comply to 800-53 overlays. Additionally, she specialized in business continuity planning, business impact analysis, and risk-based approaches, such as the Cybersecurity Framework (CSF). She is skilled in using 800-53, RMF, 800-30, and 800-37, eDiscovery, root-cause analysis, and threat hunt techniques.

Koren has enjoyed a 23-year career in IT and network security which has resulted in a deep knowledge of disaster recovery, hardening infrastructures, and risk assessment. She started Wise Technical Innovations in 2004 and has been helping both commercial and government organizations meet business goals and maintain highly secure environments ever since.

She has a strong passion for teaching and has contributed to the IT community on the podium throughout her career. She is CISSP and PMP certified with a master’s degree in education.

KYLE LAI

President & CSO, KLC Consulting

Kyle Lai is the President and Chief Security Officer (CSO) of KLC Consulting, an Authorized CMMC Third-Party Assessment Organization (C3PAO). His firm specializes in guiding and conducting independent CMMC Level 2 certification assessments for organizations across the Defense Industrial Base (DIB) supply chain. Kyle also serves as a board member of the C3PAO Stakeholders Forum and is a Lead CMMC Certified Assessor (CCA). Kyle has conducted numerous CMMC Certification Assessments.

With over 25 years of cybersecurity experience, Kyle has advised global enterprises and government agencies, including ExxonMobil, Zoom, Boeing, HP, Microsoft, and the U.S. Department of Defense’s Defense Information Systems Agency (DISA). His certifications reflect deep expertise, including CMMC CCA, CCP, CISSP, CSSLP, CISA, CDPSE, CIPP/US, CIPP/G, and ISO 27001 Lead Auditor.

Before founding KLC Consulting, Kyle held senior leadership roles, including CISO at a Blackstone portfolio company and Brandeis University’s Heller School. He also led cybersecurity operations at the U.S. DoD, managing its cybersecurity training platform and supporting workforce readiness across the department.

BOBBY GUERRA

CEO, Axiom

Bobby Guerra is the CEO of Axiom. He has been running an MSP for over 22 years, facing numerous challenges along the way—but none as demanding as CMMC. As the leader of Axiom, he is spearheading the company’s CMMC Level 2 assessment by a C3PAO, with the goal of becoming one of the first MSPs in the country to achieve certification.

However, obtaining CMMC Level 2 was only one part of the challenge. The next hurdle is guiding clients through the process while ensuring the long-term security and compliance of their environments. This required not only developing an SSP for Axiom but also creating tailored solutions for clients, carefully considering inheritance, efficiency, and the longevity of documentation and processes.

Through this experience and by amplifying his insights on Climbing Mount CMMC The Podcast, Bobby is committed to making a meaningful impact on cybersecurity and compliance across the United States.

FRED TSCHIRGI

LRQA

Fred Tschirgi is a compliance expert at LRQA, where he serves as a Principal Information Security Consultant. With a background as a Tactical Data Advisor in the United States Marine Corps, Fred brings a deep understanding of compliance and security strategies to his work. He has become a recognized figure in the field of Cybersecurity Maturity Model Certification (CMMC), volunteering with the CMMC-AB Standards Industry Working Group and earning certification as a CMMC Assessor. His career reflects a commitment to enhancing cybersecurity for the defense industrial base, drawing from both his military experience and technical expertise.

MARK DEBRY

LEAD CCA

VP of Business Operations, Shadowscape

Mark DeBry is a Lead Certified CMMC Assessor (CCA) and the VP of Business Operations at Shadowscape, a cybersecurity, training, and analytics company. He’s had an extensive career leading global cybersecurity programs at IBM and Microsoft as well as supporting customers as a vCISO. As a Lead CCA, Mark is participated on official assessments in all three roles – Lead CCA, CCA, and QA, seeing examples of DoD contractors who have exceptional compliance documentation and implementation, while also seeing those that didn’t do so well.

Mark is also assisting DoD contractors to become CMMC compliance and prepare them for their Level 2 assessment.

KALEIGH FLOYD

Marketing Director, Axiom

Kaleigh Floyd is the Marketing Director for Axiom and Co-Host of Climbing Mount CMMC The Podcast. Having grown up in the MSP industry, she considers it her second language. Her journey with Axiom began long before her official role, as the company was founded by her father in 2002.

Beyond marketing, Kaleigh has worn many hats in the MSP space, specializing in Microsoft 365, phishing awareness, password management, and CMMC training. Passionate about education, she runs a YouTube channel dedicated to Microsoft 365 training, aiming to simplify complex technology for others. With a deep commitment to making a lasting impact in the ever-evolving tech landscape, she strives to leave a legacy that continues to resonate long after she stops speaking.

STUART ITKIN

CRO, FutureFeed

Stuart Itkin brings a unique perspective to Federal cybersecurity regulations and the challenges organizations face in satisfying those regulations and operating their businesses.

As CRO and Chief Security Evangelist at FutureFeed, the leading Cyber-GRC platform for the Defense Industrial Base, Stuart works with a team committed to securing our nation’s supply chain from our adversaries by creating an affordable, collaborative IT management platform.  Formerly Senior Vice President of NeoSystems, a Managed Service Provider, Stuart helped small and medium sized businesses address their compliance, cybersecurity, and back-office needs. Stuart earlier served as Vice President of CMMC and FedRAMP Assurance at Coalfire Federal, where he established the company as one of the first authorized C3PAOs. Stuart also served as Vice President of Product Management and Marketing at Exostar where he was responsible for the company’s compliance management, supply chain risk management, and secure collaboration platforms, and for establishing its CMMC practice area.

Stuart earned a BA and an MA and is an ABD from the University of Illinois at Urbana-Champaign.

KATHERINE TOBIN

Head of Workspace Innovation for the Public Sector, Google

Katherine (Katie) Tobin is Google’s Head of Workspace Innovation for the Public Sector, where she helps government agencies and contractors achieve their missions in new and creative ways using Google Workspace.

Before joining Google, Katherine spent over a decade in the Intelligence Community. As Director of the Lateral Innovation Division at the Office of the Director of National Intelligence, she led a team that helped innovators across the IC build their skills, navigate bureaucracy, learn from failure, and share their successes. She also spent several years at the Central Intelligence Agency, creating tools and experiences to support analysts as they craft complex information into compelling messages.

HEATHER SIEMENS

Lead CCA, CISA

CEO, iFORTRISS

Heather Siemens is a seasoned cybersecurity compliance expert with over 25 years of experience in IT Governance, Risk, and Compliance (GRC) in the energy and defense sectors. As a Lead CMMC Certified Assessor (CCA) and a Certified Information Systems Auditor (CISA), she brings unparalleled expertise in cybersecurity regulations and best practices. Her extensive background in DOE NERC Critical Infrastructure Protection (CIP) auditing uniquely positions her as a trusted advisor in the evolving landscape of defense cybersecurity. She is also a Prosci® Certified Change Practitioner in Organizational Change Management (OCM), which she leverages to assist companies in strategically transforming their workflows to be CMMC compliant. Heather is the CEO and Co-Founder of iFORTRISS, a cybersecurity consulting and Managed Security Services Provider (MSSP) firm dedicated to helping small to medium size contractors in the DIB achieve CMMC compliance.

BRIAN RHODES

CCP

HEAD OF CMMC, AMERICAS, LRQA INC.

Brian Rhodes is a cybersecurity expert specializing in Governance, Risk, and Compliance (GRC). As Head of CMMC, Americas, at LRQA, Inc., he leads strategic initiatives to help organizations achieve CMMC and NIST SP 800-171 compliance. A Certified CMMC Professional (CCP), Brian is a recognized thought leader, conducting educational webinars and mentoring LRQA staff on compliance best practices. Brian previously held leadership roles at iFORTRISS, Inc., and Comcast Business, managing Fortune 100 accounts across multiple industries. With experience at Apple in higher education, Brian brings a strong background in technology and training. Passionate about cybersecurity and compliance, he continues to drive industry resilience and knowledge sharing.

PRABHAT NIGAM

GLOBAL CTO, GOLDEN FIVE

CEO, LAExUG FOUNDATION

Prabhat is a 3 times Microsoft MVP Award winning MBA in Information Technology, working as Global CTO at Golden Five Consulting; which is a CMMC RPO, Microsoft AOSG Partner, Microsoft Solution Partner, ESP, MSSP, MSP, CSP, Supplier, and Education partner. G5 helps DoD Contractors with correct GCCHigh licenses, Azure Gov Sub, Security & Compliance configurations, CMMC Compliance Softwares & Automations.

He helps in designing, implementing, managing, and supporting solutions for private messaging cloud, mergers, a collaboration between different messaging software and other migration & deployment projects for the following technologies: Office 365, Azure, AWS, Exchange, SQL, ADFS, MFA, FIM, MIM, Directory services Security, Compliance and automation.

He has worked for all big IT giants either as an employee or contractor where he has led the Global teams.

He used to blog at MSExchangeGuru.com, & today blogs at LAEXUGFounddation.org.

BEN TCHOUBINEH

FOUNDING BOARD MEMBER, CMMC ACCREDITATION BODY

PRSIDENT, PHOENIX TS

Ben Tchoubineh is a serial entrepreneur in the fields of cybersecurity and education. He received his BS in Computer Science from the University of Maryland and has since founded multiple businesses focusing on IT and cybersecurity training, government contracting and consulting. Ben was a founding member of the board of directors of the CMMC Accreditation Body and headed the creation and development of the CMMC training and certification ecosystem.