The Rolle IT Cybersecurity Team at Cui-Con 2025: Key Takeaways from the CMMC Ecosystem Event
Rolle IT just wrapped up another great trip to CUI-CON. One of the biggest benefits of attending CUI-CON is the opportunity to interact and hear from the relatively small circle of people who truly understand the CMMC universe and, in many instances, were some of the founding influences in the space. These are the people who have been thinking about what CMMC is and should be for almost a decade, while most of us have only been paying attention to it for a few years. This matters because there is so much fluff and misinformation in the system surrounding CMMC.
We had the chance to discover the latest trends in CMMC implementation and the new, innovative tools available that help all of us manage our certification journeys more efficiently and effectively. This space is still quite young and changing rapidly, so it was great to see many new products and, potentially, forge new relationships that will help our clients succeed.
And speaking of clients, it is always so important and eye-opening to meet new businesses and hear what their challenges and needs are. Of course, we hope to be able to help them in their journey to compliance. But even if they are not new clients, hearing their lessons learned and the challenges that they face help us to understand how to better serve our clients in the future. The reality is that most companies pursuing CMMC alone are significantly underprepared for a Level 2 CMMC assessment and would struggle to achieve a positive SPRS score based on recent conversations.
CUICON is an intense, fast-paced environment in which every minute is an opportunity to sharpen your CMMC implementation gameplan. But it is also a fun time to make new friends and reconnect with old ones. But now, it’s back to work with a renewed sense of the importance of the task at hand. But one that feels a little smaller now. CMMC requires allies. Come join us. Contact our Security Team Here
Key Highlights from Cui-Con 2025
1. Expert Panels and Engaging Discussions
The discussions provided actionable insights into the evolving regulatory requirements and how companies can stay ahead of the curve. Our team found tha the presentations were far more targeted than other conferences, addressing key CMMC rollout challenges facing the DIB. Rolle IT’s CCPs found a lot of value in the increased clarity and guidance from industry leaders.
2. Mock Assessment – A Realistic Compliance Experience
One of the most impactful aspects of Cui-Con was the mock assessment sessions, so great to be a part of that robust Q&A. Assessors are not the enemy!
3. Interactive Q&A Sessions
The audience at Cui-Con 2025 came prepared with insightful questions, fostering meaningful discussions with panelists and experts. Attendees were eager to dive into the nuances of compliance challenges, cyber threat mitigation, the role third party providers, and partnerships in maintaining security postures. The openness and willingness of the speakers to engage in constructive and lighthearted discussion was so fun to be a part of.
4. Approachable and Knowledgeable Speakers
The caliber of speakers at Cui-Con 2025 was exceptional. Experts from the Cyber AB, CMMC Third-Party Assessment Organizations (C3PAOs), Third party providers, and cybersecurity firms shared their knowledge and perspectives on the future of compliance. Their accessibility and willingness to provide guidance underscored the collaborative spirit within the CMMC ecosystem.
5. Networking and Collaboration Opportunities
Beyond the sessions, Cui-Con provided numerous opportunities to connect with peers, industry leaders, and potential partners. The conversations we had with other cybersecurity professionals, clients, industry peers, and partners reaffirmed the shared goal of strengthening supply chain security and ensuring that federal contractors are prepared for the challenges ahead.
6. Caution and Due Dilligence
Rolle IT CCP Grant Mooney found that misinformation and mixed messages are still rampant, especially from both product and service providers.
“Every company is trying to sell a product or service, but there’s still not nearly enough focus on actual implementation consulting. As Rolle IT’s Lead CMMC-CCP Consultant, I see companies both overbuying on infrastructure and security tools and others vastly underestimating the complexity of passing a CMMC Level 2 audit. You cannot package CMMC into a box, nor should most companies try to meet all controls internally unless they have the expertise and financial foundation to do so. If you can handle it internally, great—but in my experience, almost every organization benefits from working with a CMMC-aware ESP. Don’t just buy GCC High because a Microsoft rep told you to, and don’t assume pre-written policies alone will get you compliant even if the person selling policies tells you they will. Spending your money the right way in this journey is essential. Take the time to truly understand this massive upcoming shift and determine whether you need consulting or external support.”
Moving Forward with CMMC Readiness
Attending Cui-Con 2025 reinforced the importance of proactive cybersecurity strategies in achieving and maintaining CMMC compliance. The insights gained from this event will enable us to better support our clients as they navigate the complexities of the compliance process. It’s clear from the audience questions, that no two organizations are the same and organizations need to leverage custom solutions to meet CMMC requirements and minimize any impacts on their business operations
At Rolle IT Cybersecurity, we remain committed to staying at the forefront of CMMC developments and helping organizations implement and maintain robust security frameworks. Whether you’re preparing for an upcoming assessment or seeking guidance on maintaining compliance, our team is here to help. Good Luck! Reach out to us if you want our help.
Big Thanks to Fernando Machado and Matthew Titcombe for organizing this event year after year! Looking forward to year #4! Cui-Con 2025, a premier CMMC ecosystem event bringing together industry leaders, organizations seeking assessment, and professionals dedicated to supporting federal contractors in achieving and maintaining CMMC compliance. The event was packed with insightful panels, engaging discussions, and invaluable networking opportunities that deepened our understanding of the evolving CMMC landscape and strengthened our partner relationships
If you missed Cui-Con 2025 or want to learn more about how we can assist in your CMMC journey, contact us today! CMMC @ RolleIT.com 321-872-7576
