CMMC MIDWEST CONFERENCE MAY 1-2, 2025

DERRICH PHILLIPS

President & Founder of Aspire Cyber

Derrich is a Certified CMMC Assessor (CCA) and CMMC Provisional Instructor (PI) with over 20 years of cybersecurity experience. Prior to founding Aspire Cyber, Derrich served as a Cyber Network Defender in the U.S. Army and held various high-level cybersecurity positions at companies such as Lockheed Martin, Hewlett-Packard Enterprise, and Bank of America.

KYLE LAI

President & CSO of KLC Consulting

Kyle is the President and Chief Security Officer (CSO) at KLC Consulting, an authorized CMMC Third-Party Assessment Organization (C3PAO) sanctioned by the CMMC Accreditation Body (CyberAB). His firm offers guidance and conducts independent assessments within the Defense Industrial Base (DIB) supply chain. Moreover, Kyle contributes his expertise as a board member of the C3PAO Forum.

With over 25 years of cybersecurity experience, Kyle has lent his advisory skills to leading firms such as ExxonMobil, Zoom, Boeing, HP, Microsoft, and the Defense Information Systems Agency (DISA) of the U.S. Department of Defense (DoD). He possesses an impressive array of certifications, including the CMMC Certified Assessor (CCA) and Certified Professional (CCP), alongside CISSP, CSSLP, CISA, CDPSE, CIPP/US, CIPP/G, and the ISO 27001 Lead Auditor. Before KLC Consulting, Kyle was a CISO at a leading global technology advisory firm and Brandeis University’s Heller School. He also played a pivotal role as a U.S. DoD operations manager, overseeing the cybersecurity training platform and supporting the personnel across the department.

BOBBY GUERRA

CEO, Axiom

Bobby Guerra is the CEO of Axiom. He has been running an MSP for over 22 years, facing numerous challenges along the way—but none as demanding as CMMC. As the leader of Axiom, he is spearheading the company’s CMMC Level 2 assessment by a C3PAO, with the goal of becoming one of the first MSPs in the country to achieve certification.

However, obtaining CMMC Level 2 was only one part of the challenge. The next hurdle is guiding clients through the process while ensuring the long-term security and compliance of their environments. This required not only developing an SSP for Axiom but also creating tailored solutions for clients, carefully considering inheritance, efficiency, and the longevity of documentation and processes.

Through this experience and by amplifying his insights on Climbing Mount CMMC The Podcast, Bobby is committed to making a meaningful impact on cybersecurity and compliance across the United States.

KOREN WISE

Owner, Wise Technical Innovations

Koren is a Certified CMMC Assessor, Provisional Instructor, and the CEO of Wise Technical Innovations in Norfolk, VA. She has participated in the Joint Surveillance Voluntary Assessment Program as both assessor and implementor. She recently created the compliance program and GCCH Azure Gov enclave for Jaco Aerospace, leading them to the JSVA where they scored the perfect “110”. WTI is a Licensed Training Provider for the Cyber AB. WTI is awarded on the GSA HACS schedule for High Value Assessments, Risk and Vulnerability Assessment, Cyber Hunt, Incident Response, and Penetration Testing. Koren is qualified by the Department of Homeland Security/CISA as Lead Assessor for High Value Asset, Cyber Resiliency Review, and External Dependency Management Assessment Program. Koren specializes in standing up cybersecurity programs within organizations to meet applicable NIST controls or comply to 800-53 overlays. Additionally, she specialized in business continuity planning, business impact analysis, and risk-based approaches, such as the Cybersecurity Framework (CSF). She is skilled in using 800-53, RMF, 800-30, and 800-37, eDiscovery, root-cause analysis, and threat hunt techniques. Koren has enjoyed a 23-year career in IT and network security which has resulted in a deep knowledge of disaster recovery, hardening infrastructures, and risk assessment. She started Wise Technical Innovations in 2004 and has been helping both commercial and government organizations meet business goals and maintain highly secure environments ever since. She has a strong passion for teaching and has contributed to the IT community on the podium throughout her career. She is CISSP and PMP certified with a master’s degree in education.

Focus Areas: • CMMC Assessments Building secure enclaves and comprehensive CMMC programs • Business Impact Analysis using the Risk Management Framework / NIST Guidelines • eDiscovery • Forensic/Legal Cybersecurity Investigation Assistance • High Value Asset (HVA) Assessments • Risk and vulnerability Assessment (RVA) • Cyber Hunt • Incident Response • Penetration Testing

MARK DEBRY

LEAD CCA

VP of Business Operations, Shadowscape

Mark DeBry is a Lead Certified CMMC Assessor (CCA) and the VP of Business Operations at Shadowscape, a cybersecurity, training, and analytics company. He’s had an extensive career leading global cybersecurity programs at IBM and Microsoft as well as supporting customers as a vCISO. As a Lead CCA, Mark is participated on official assessments in all three roles – Lead CCA, CCA, and QA, seeing examples of DoD contractors who have exceptional compliance documentation and implementation, while also seeing those that didn’t do so well.

Mark is also assisting DoD contractors to become CMMC compliance and prepare them for their Level 2 assessment.

KALEIGH FLOYD

Marketing Director, Axiom

Kaleigh Floyd is the Marketing Director for Axiom and Co-Host of Climbing Mount CMMC The Podcast. Having grown up in the MSP industry, she considers it her second language. Her journey with Axiom began long before her official role, as the company was founded by her father in 2002.

Beyond marketing, Kaleigh has worn many hats in the MSP space, specializing in Microsoft 365, phishing awareness, password management, and CMMC training. Passionate about education, she runs a YouTube channel dedicated to Microsoft 365 training, aiming to simplify complex technology for others. With a deep commitment to making a lasting impact in the ever-evolving tech landscape, she strives to leave a legacy that continues to resonate long after she stops speaking.

STUART ITKIN

CRO, FutureFeed

Stuart Itkin brings a unique perspective to Federal cybersecurity regulations and the challenges organizations face in satisfying those regulations and operating their businesses.

As CRO and Chief Security Evangelist at FutureFeed, the leading Cyber-GRC platform for the Defense Industrial Base, Stuart works with a team committed to securing our nation’s supply chain from our adversaries by creating an affordable, collaborative IT management platform.  Formerly Senior Vice President of NeoSystems, a Managed Service Provider, Stuart helped small and medium sized businesses address their compliance, cybersecurity, and back-office needs. Stuart earlier served as Vice President of CMMC and FedRAMP Assurance at Coalfire Federal, where he established the company as one of the first authorized C3PAOs. Stuart also served as Vice President of Product Management and Marketing at Exostar where he was responsible for the company’s compliance management, supply chain risk management, and secure collaboration platforms, and for establishing its CMMC practice area.

Stuart earned a BA and an MA and is an ABD from the University of Illinois at Urbana-Champaign.

KATHERINE TOBIN

Head of Workspace Innovation for the Public Sector, Google

Katherine (Katie) Tobin is Google’s Head of Workspace Innovation for the Public Sector, where she helps government agencies and contractors achieve their missions in new and creative ways using Google Workspace.

Before joining Google, Katherine spent over a decade in the Intelligence Community. As Director of the Lateral Innovation Division at the Office of the Director of National Intelligence, she led a team that helped innovators across the IC build their skills, navigate bureaucracy, learn from failure, and share their successes. She also spent several years at the Central Intelligence Agency, creating tools and experiences to support analysts as they craft complex information into compelling messages.

HEATHER SIEMENS

Lead CCA, CISA

CEO, iFORTRISS

Heather Siemens is a seasoned cybersecurity compliance expert with over 25 years of experience in IT Governance, Risk, and Compliance (GRC) in the energy and defense sectors. As a Lead CMMC Certified Assessor (CCA) and a Certified Information Systems Auditor (CISA), she brings unparalleled expertise in cybersecurity regulations and best practices. Her extensive background in DOE NERC Critical Infrastructure Protection (CIP) auditing uniquely positions her as a trusted advisor in the evolving landscape of defense cybersecurity. She is also a Prosci® Certified Change Practitioner in Organizational Change Management (OCM), which she leverages to assist companies in strategically transforming their workflows to be CMMC compliant. Heather is the CEO and Co-Founder of iFORTRISS, a cybersecurity consulting and Managed Security Services Provider (MSSP) firm dedicated to helping small to medium size contractors in the DIB achieve CMMC compliance.

ZACH WALKER

Lead CCA

CO-FOUNDER, ATX DEFENSE

Zach is a Lead CCA and co-founder of ATX Defense, an Authorized C3PAO. He has over two decades of national intelligence, cybersecurity, and cyberwarfare experience, serving in the country’s foremost intelligence and defense agencies. He co-founded ATX Defense to help national security organizations integrate revolutionary technology, scalable processes, and long-term viability into their operations. Zach also serves as the Director of Communications for the Texas Air National Guard and has served in the Reserve Component of the Army and Air Force since 2001. 

BRIAN RHODES

CCP

HEAD OF CMMC, AMERICAS, LRQA INC.

Brian Rhodes is a cybersecurity expert specializing in Governance, Risk, and Compliance (GRC). As Head of CMMC, Americas, at LRQA, Inc., he leads strategic initiatives to help organizations achieve CMMC and NIST SP 800-171 compliance. A Certified CMMC Professional (CCP), Brian is a recognized thought leader, conducting educational webinars and mentoring LRQA staff on compliance best practices. Brian previously held leadership roles at iFORTRISS, Inc., and Comcast Business, managing Fortune 100 accounts across multiple industries. With experience at Apple in higher education, Brian brings a strong background in technology and training. Passionate about cybersecurity and compliance, he continues to drive industry resilience and knowledge sharing.

PRABHAT NIGAM

GLOBAL CTO, GOLDEN FIVE

CEO, LAExUG FOUNDATION

Prabhat is a 3 times Microsoft MVP Award winning MBA in Information Technology, working as Global CTO at Golden Five Consulting; which is a CMMC RPO, Microsoft AOSG Partner, Microsoft Solution Partner, ESP, MSSP, MSP, CSP, Supplier, and Education partner. G5 helps DoD Contractors with correct GCCHigh licenses, Azure Gov Sub, Security & Compliance configurations, CMMC Compliance Softwares & Automations.

He helps in designing, implementing, managing, and supporting solutions for private messaging cloud, mergers, a collaboration between different messaging software and other migration & deployment projects for the following technologies: Office 365, Azure, AWS, Exchange, SQL, ADFS, MFA, FIM, MIM, Directory services Security, Compliance and automation.

He has worked for all big IT giants either as an employee or contractor where he has led the Global teams.

He used to blog at MSExchangeGuru.com, & today blogs at LAEXUGFounddation.org.

BEN TCHOUBINEH

FOUNDING BOARD MEMBER, CMMC ACCREDITATION BODY

PRSIDENT, PHOENIX TS

Ben Tchoubineh is a serial entrepreneur in the fields of cybersecurity and education. He received his BS in Computer Science from the University of Maryland and has since founded multiple businesses focusing on IT and cybersecurity training, government contracting and consulting. Ben was a founding member of the board of directors of the CMMC Accreditation Body and headed the creation and development of the CMMC training and certification ecosystem.