04 February 2020

US-DK seminar on US DoD cyber security requirements 

Interested in the US defence industry and market access? Attend the seminar on 4 February, and get updated information on the upcoming increased regulations from US Department of Defense.

The upcoming enforced regulations has implications for all companies across the value chain, as the new regulations are required at company level, and is moving from a self-certified stage to a mandatory certification by an outside third party at a specified level af cybersecurity compliance.

Attend the seminar and get a better understanding of the implications it has for your company if you already are, or want to become eligible of becoming, a subcontractor to the US defence industry.

The seminar is held back-to-back with DDAC in order to maximize the benefits for stakeholders participating in both events.

The workshop is organized by CenSec in cooperation with the Danish Chamber of Commerce.


When: 4 February from 12:00 – 16:00

Where: Børsen, Copenhagen

Deadline: 31 January (if still available seats)



12:00-12:45 Registration and light lunch

12:45-12:55 Welcome by Klaus Bolving, CEO, CenSec

12:55-13:30 David Dempsey, Partner, Dempsey Fontana: US Defense Department cybersecurity requirements and supply chain obligations 

Since December 2017, U.S. Defense of Department prime and subcontractors were required to have implemented a compliant NIST SP 800-171 Security System Plan (SSP) and Plan of Action & Milestones (POA&M) designed to effectively safeguard DoD “covered defense information.”  Over the past eight months, DoD’s cybersecurity requirements have significantly evolved from a self-certified cybersecurity plan to a required certification by a qualified outside third party who will be authorized to certify a company to one of 5 levels of cybersecurity compliance.  This is known as the “Cybersecurity Maturity Model Certification” (or “CMMC”) requirement. Currently, DoD anticipates inserting the CMMC requirement in RFPs as soon as September 2020. Your company’s level of third-party certified “cybersecurity hygiene” will determine your eligibility to contract or subcontract with the Defense Department (and likely with some non-DoD agencies) and your competitive posture for evaluation purposes at any tier in the DoD supply and service chain.  David Dempsey has been conducting seminars and webinars on this subject since July 2017.

13:30-14:00 Jan Hosbond, Senior Managing Consultant, IBM Nordic Security Services: How IBM within security are using NIST CSF in both products and services

14:00-14:30 Jesper Rasmussen, Defense Industrial Cooperation Attaché, Danish Embassy, Washington

14:30-15:00 Panel debate

15:00-16:00 Networking



Members of CenSec and the Danish Chamber of Commerce: Free (no show fee: 500 DKK (excl. VAT))

Non-members: 500 DKK (excl. VAT) (invoice will be send after registration)


N.B Limited amount of seats (18 seats left on 23 January). Seats are distributed on a first-come, first-served basis.


Sign up below:


This privacy policy explains how CenSec processes the personal data you provide, when you register for events on our website. The personal data we collect are needed to provide you with information before, during and after the event. We use your personal data, i.e. name, email and phone number to contact you with further information regarding the specific event, including the list of participants (name, title, company) before and after the event on the event website and/or direct email. In relation to documentation and promotion of this and upcoming events, we can choose to take photos from the day that can be used on LinkedIn and our website.

We also use your data for the promotion of our other events, that we find could be of interest to you. You can at any given time unsubscribe from this information by contacting our secretariat. See our webpage for more information www.censec.dk/en//contact. You have the right to know which information CenSec has about you, and to have them corrected or even deleted, if CenSec has no further reason to keep them. You have the right do deny the use of your data for any promotion of other events. CenSec stores information about participants in our events as documentation to the extent that our projects require it. CenSec also discloses company information such as company name, address and company registration number (CVR number) to the Danish Agency for Science and Higher Education and their database called InnovationDanmark. The InnovationDanmark database is used solely for statistical and scientific purposes.

The legal unit responsible for your data is:

CenSec, N.O. Hansens vej 4, DK-7470 Karup

VAT 30629809.

By signing up for this event, you accept the abovementioned conditions.

The seminar is organized  in cooperation with the Danish Chamber of Commerce: