What is the C3PAO Advisory Council?
The C3PAO Advisory Council acts as a board of directors to coordinate the activities of the C3PAO Stakeholder Forum. The Advisory Council was initially created in June 2021 and its founding members are appointed to a six-month term to establish the Council. A vote will be held for the next term of members in December 2021.
Scott Singer | Chair
President – CyberNINES
CAPT, USN (retired) Scott Singer brings 30 years of military experience in both active duty and reserve rolls along with 26 years of industry experience. Most recently Scott was at PaR Systems, where he was Chief Information Officer since 2010. At PaR, Scott had responsibility for information systems, global quality, export control, security, and continuous process improvement. Previously, Scott spent 16 years with Medtronic in various leadership positions including the European Infrastructure Manager, the Vascular division CIO, and the head of global security. Scott has extensive experience with government contracting specializing in DFARS and NIST SP 800-171. In addition, Scott navigated his last company through many international export, privacy and cybersecurity matters.
Scott is the past board chair for the Minnesota Technology Association (MnTech), past President of the UW Madison NROTC Alumni Association and past board member of InfraGard. In June, he testified before Congress on the costs to small business to comply with CMMC.
Scott has an MBA in Information Systems from the University of MN, Carlson School, and BS is Meteorology from the University of Wisconsin at Madison.
Scott is one of the first to be recognized as an authorized CMMC-AB Registered Practitioner (RP) and is the current C3PAO Advisory Council Chair.
V. Amira Armond | Vice Chair
President – Kieri Solutions
Amira Armond is the vice chair of the C3PAO Stakeholder Forum, the president of Kieri Solutions LLC, and the chief editor for CMMCaudit.org. She is a CMMC Provisional Instructor and is an active speaker and blogger for cybersecurity and compliance. Her company, Kieri Solutions, provides consulting and training on NIST SP 800-171, CMMC, and secure systems architecture to clients ranging from Fortune 50 companies to small defense contractors.
Timothy Woodcome | Secretary
Director – NQA, USA
Timothy Woodcome is the secretary of the C3PAO Stakeholder Forum and is a director of Cybersecurity Assurance Services within NQA. He has 25+ years experience in the Third Party Assessment industry and has competencies within ISO 17020 and 17020 as a certification body.
Tony Bai | Advisor
Federal Practice Lead – A-LIGN
Mr. Bai is a cybersecurity professional with a range of certifications including the Certified Information Systems Security Professional (CISSP) and the Project Management Professional (PMP). As the Federal Practice Lead at A-LIGN, Mr. Bai supports all FedRAMP, FISMA, NIST 800-171 and other NIST-based projects. He is responsible for overseeing all NIST-based engagements and providing security controls advisory and guidance to our clients. Mr. Bai has hands-on experience leading all stages of system security, including requirements definition, auditing, scanning, and mitigation. With over 27 years of information systems experience to include 10 years specializing in cybersecurity. His extensive background includes providing risk assessments of information systems for government agencies and commercial clients, most notably the Defense Health Agency, US Air Force, and various Fortune 500 companies across multiple industries. Mr. Bai brings an impressive blend of knowledge of security controls and technical aspects of cybersecurity and IT operations.
Mr. Bai’s experience includes leading enterprise security personnel and managing activities throughout the Certification/Assessment and Authorization (C&A/A&A) process, security test and evaluation, risk management, vulnerability assessments, security reviews, and audits of the network environment to identify vulnerabilities and ensure compliance with established standards and regulations in accordance with Federal and Agency-specific requirements.
Deborah Hunt | Advisor
Lead Assessor- iPower
Deborah Hunt is a CMMC Provisional Assessor within iPower. iPower is an early participant in the CMMC and CMMC-AB program to secure the Defense Industrial Base. iPower also offers CMMI assessments and government consulting operating in the DoD and Intelligence spaces.
Jared Hoskins | Advisor
COO, CIO – Strong Connexions
Jared Hoskins is a highly accomplished, and results-oriented Executive with proven experience leading full life cycle of product and program portfolio delivery. He’s worked across a broad spectrum of industries and implemented the development of organizations cyber forces, strengthened their cyber defense, resilience, and deterrence posture.
As COO | CIO he’s leading all IT & cybersecurity initiatives for Strong Connexions, providing cohesive vision and acquisition
acquisition strategy to lead personnel, implementing change management and initiatives, and driving breakthrough business results in growth and technology advancements through research and development and strategic partnerships.
Respected as a visionary leader for geographically dispersed & virtual teams throughout the United States with ability to instill a shared vision and provide turnaround and high-growth results across industry.
Brian Hubbard | Advisor
Director, Commercial & Cybersecurity – Edwards Performance Solutions
Brian Hubbard is the Director of Edwards Commercial and Cybersecurity business. With 35+ years of cybersecurity experience, Brian is responsible for all strategic Commercial initiatives, as well as development and expansion of Edwards’ Cybersecurity Solution Area, to include CMMC initiatives.
Brian is a strategic business leader with three decades of experience architecting, designing, and developing solutions to address some of the nation’s top cybersecurity challenges. Prior to joining Edwards, he founded Evolved Cyber Solutions (ECS) – a company dedicated to supporting both large and small organizations in assessing security compliance and building cyber programs based on the NIST Cybersecurity Framework. Prior to ECS, Brian was at G2 where he was responsible for both Federal/Civil Government and Commercial customer solution development and delivery. Brian was a primary author and led the contractor team supporting NIST in the development of the Cybersecurity Framework. Brian also supported Booz Allen Hamilton’s Information Assurance Directorate (IAD) business at the National Security Agency (NSA) for 19 years, as a Principal. Brian’s industry knowledge and cybersecurity understanding make him a true asset to Edwards Leadership Team.
Brian holds a Master of Science in Operations Research from the University of Maryland, Baltimore County (UMBC) and a Bachelor of Science in Computer Science from Purdue University. He is also a certified Project Management Institute (PMI) Project Management Professional (PMP), Certified Information Security Manager (CISM), and as well as a Cybersecurity Maturity Model Certification (CMMC) Provisional Instructor (PI) and Provisional Assessor (PA).
Matt Gilbert | Advisor
Principal – Baker Tilly US
Matt Gilbert is a principal within Baker Tilly US, a large assessment organization. He is Provisional Assessor #19 and has been active in the CMMC-AB Working Groups since the beginning of CMMC.
Kyle Lai | Advisor
President and CISO – KLC Consulting, Inc.
Kyle is President and CISO of KLC Consulting, a CMMC C3PAO Candidate company. He is also a CMMC Registered Practitioner. Kyle continuously assesses NIST 800-171 and CMMC compliance solutions for Defense Industrial Base (DIB) companies, especially in the Aerospace and Manufacturing industries. Kyle has over 20 years of cybersecurity experience serving as a security advisor to Fortune 500 companies, SMBs, and the U.S. Department of Defense (DoD.) Kyle was a former CISO of Pactera (a Blackstone Portfolio Co.) and Brandeis University – Heller School. He was also an operations manager for DISA Cybersecurity Portal (predecessor of public.cyber.mil) and a consultant to several Defense Industrial Base (DIB) Suppliers. He has consulted for ExxonMobil, Zoom, DISA, Boeing, HP, Fidelity Investments, Microsoft, Akamai, and PwC. His cybersecurity experience spans security strategy, policies, program management, vulnerability management, penetration testing, incident response, business continuity, regulatory compliance, application security, and third-party supplier risk management. Kyle is the creator of SMAC MAC Address Changer software which over 3 million users have downloaded globally to test and address security and privacy issues. Kyle holds the top security and privacy certifications, including CISSP, CSSLP, CISA, CDPSE, CIPP/US, CIPP/G, and ISO 27001 Lead Auditor.
Nathan Regola | Advisor
President – Regola Cyber
Nathan Regola, Ph.D., J.D. has over ten years of experience at architecting complex cloud and “big data” systems, while considering operational, business, and regulatory requirements. He holds a B.S. in Computer Science, an M.S. and Ph.D. in Computer Science and Engineering, all from the University of Notre Dame. While working as a Senior Director and Principal Architect at one of the three largest U.S. prime contractors, Nate earned a J.D. at the George Washington University Law School evening program, where he studied technology and government procurement law. Nate was selected for the role at the prime contractor because of his previous private sector experience at large scale cloud architecture and information security so that the contractor could adopt many of the approaches used by private sector organizations to more rapidly innovate their cloud
environment automation. In that role, Nate had the opportunity to build and lead an outstanding 10+ member DevSecOps team that built and maintained automation tools to operate enterprise scale cloud environments. The team supported over twenty Information Systems via the General Support System (GSS) and used automation to implement and manage the reference architecture that Nate designed.
Kevin Wheeler | Advisor
Managing Director- InfoDefense
Kevin Wheeler is a managing director within InfoDefense, a small assessment organization offering NIST SP 800-171 and CMMC services. He has over 20 years of cybersecurity and IT audit experience. Kevin brings cybersecurity and compliance thought leadership as well as commitment to the success of CMMC.