Demystifying CMMC and CPCSC: What Alberta's Defence Supply Chain Must Do Now
CMMC (U.S.) and CPCSC (Canada) are no longer future policy discussions — they are fast-approaching eligibility requirements that will determine which organizations can participate in defence and federal procurement.
CMMC requirements formally took effect in U.S. contracts on Nov 25, 2025, with Canada’s CPCSC program entering Phase 2 in Apr 2026. These frameworks are not “IT upgrades.” They are not “just cybersecurity". They are contract eligibility systems that affect governance, executive leadership, procurement practices, supply chain management, and cross-border data handling.
This session provides attendees with a practical roadmap for navigating compliance efficiently and strategically, and will:
Break common myths
Explain Level 1 vs. Level 2 requirements
Clarify supply chain flow-down obligations, and
Outline the practical pathway to readiness from a business perspective.
The presentation will also address broader procurement eligibility requirements beyond cybersecurity — including personnel security clearances, facility security, secure workspaces, data sovereignty, and Controlled Goods considerations.
Attendees will leave with a clear understanding of what must be done in the next 90 days to protect contract eligibility and position their organizations as defence-ready.
Guest Speaker: LCol (retired) Jonathan Clow, CD2, BA, MDS, Senior Executive Account Manager, 123 Cyber Inc.