Mike Brooks

A Certified CMMC Assessor (CCA) and United States Air Force Lt Col (Ret) with decades of Department of Defense (DoD) experience in Cyber Operations, Mike is also the founder of a Service-Disabled Veteran-Owned Small Business (SDVOSB) supporting the Defense Industrial Base. In this talk, Mike shares key insights into how the Risk Management Framework (RMF) is used to protect the nation’s most critical information systems, and demonstrates how defense vendors can leverage the DoD’s proven risk-based strategies to streamline their path to CMMC certification.

Participants will learn how to align RMF steps with CMMC practices, build scalable compliance structures, and adopt solutions that enhance security while maintaining operational efficiency. The session provides actionable insights rooted in real-world lessons and DoD best practices, whether organizations are tackling self-assessments or preparing for C3PAO authorization. Attendees will leave with a clear understanding of how to transform compliance from a regulatory hurdle into a strategic advantage, along with a complimentary risk assessment guide to kickstart their journey. [Note: Pending CCA Tier 3 certification, expected by the conference. Bio as of 2/13/25.]