Big changes are coming with the third phase of the Continuous Diagnostics and Mitigation program. Even as agencies continue to work on the first and second phases, the Department of Homeland Security and the General Services are laying the groundwork for CDM Phase 3, with its focus on providing much greater and timelier insight into what’s happening on the network—and providing the tools for rapid response and recovery. GSA has alr...

Earn 1 CEU! Nation-state, mercenary, cyber-jihadist and other adversaries continue to exploit vulnerabilities in Frankensteined legacy systems despite the growing outcry among agency and legislative leaders demanding action. Meaningful change requires tools which give agency leaders the agility, flexibility, visibility, and contract vehicles to quickly acquire new, cutting-edge cybersecurity solutions. CDM DEFEND is a powerful single award tas...

Risk Based Self-Assessment as a Critical Element to Measure Risk, Performance, and Improvement “A hands-on approach to implementing and leveraging a risk assessment to increase compliance program effectiveness and lean performance.” A proactive, systematic risk assessment is an essential first step to developing and implementing an effective compliance program. Performance culture, sound economics, and regulator expectations all re...

We’ve seen all of the cyber headlines this year – new policies emerging, old policies evolving, the cyber workforce is multiplying, and rapidly growing connected devices are complicating governance. While the Federal government is focused on security, new adversaries and attack vectors still emerge hourly. What are the early grades on the new Administration’s response to the growing cyber threat? How can collaborative tactics...

It’s Not New, and It’s Still Not Easy: Mastering the ITAR and EAR Definition Accurately applying the definition “specially designed” is no longer a new challenge, but it still remains a critical element in correctly determining how the US Munitions List (USML) and Commerce Control List (CCL) control the items you export. This webinar series will use hands-on exercises and questions and answers to enhance your skill and...

There is a wealth of information on “WHY” companies must build a compliance program, but a lack of practical instruction on “HOW TO” build a solid compliance program to effectively prevent compliance lapses in today’s digital world... This webinar will present an updated paradigm and framework for modern export control compliance programs that are risk-appropriate, business integrated, and in tune with today...

The American Council for Technology and Industry Advisory Council (ACT-IAC) invites you to Drones in the Federal Airspace and Internet of Things (IoT) Forum on Wednesday, July 26, 2017 at the Renaissance Washington in Washington, DC.The theme, "Unleashing the Power of IoT and Drone Technology', will focus on how drones and IoT are currently being used in the federal arena and look to the endless possibilities that IoT and Drones can offer. The...

As an export compliance professional there are a wide variety of ways that you might find yourself needing to work closely with, and understanding the function of, your security department. This webinar is designed to strengthen your knowledge and build bridges between your export compliance and security departments. In order to do your job effectively, you need to work together with your counterpart in security. Your missions are the same, to...

Why They Happen, How to Avoid Them, and What to Do if They Happen to You May 9, 2017 1:00-2:30 PM EDT Consent agreements are a feared, but recurring feature of the export control and enforcement landscape. The recent announcement of the ZTE consent agreement signals that the Trump Administration has not stepped away from this enforcement option and, in fact, is willing to apply it to new issue areas and regulatory regimes in order to further A...

If your company employs foreign nationals, works with contractors who do, shares technology with entities in other countries (particularly in the EU, with its fluid work force), contracts with universities to do research, outsources IT or uses cloud servers, or does pretty much anything else that companies do in the 21st Century, you may have a deemed export or reexport risk. Ensuring that you have a compliance plan in place to identify and ad...