CMMC Level 1 Workshop Series | Lionfish Cyber
CMMC Level 1 Certification Training

Master CMMC Level 1 Compliance
in 3 Power-Packed Workshops

Transform your defense contracting business with expert-led training on the 15 essential practices. Get compliant, stay compliant, and win more contracts.

Workshop Schedule

Mark your calendars for these essential sessions

Workshop 1: READY!
Dec 3, 2025
5:00 - 6:00 PM EST
CMMC Level 1 Foundations
Workshop 2: AIM!
Dec 10, 2025
5:00 - 6:00 PM EST
Implementing the 15 Practices
Workshop 3: SUSTAIN!
Dec 17, 2025
5:00 - 6:00 PM EST
Continuous Compliance & Assessment
3 × 60-Minute Sessions
15 CMMC Practices Covered
Free Personal Consultation
Register for Free Workshop Series View Workshop Details
15
CMMC Practices
3
Expert Workshops
100%
Compliance Ready
60
Minute Consultation

CMMC Compliance is Now Mandatory
for DoD Contractors

Without CMMC certification, you cannot bid on or renew DoD contracts. The clock is ticking, and non-compliance means lost revenue, missed opportunities, and potentially losing your business.

  • $57-109 billion annual cost to U.S. economy from cyber threats
  • Level 1 compliance required for all contractors handling Federal Contract Information (FCI)
  • Annual self-assessment mandatory with senior official attestation

Don't Wait Until It's Too Late

Organizations typically need 3-6 months to achieve full compliance. Start now or risk:

  • Lost contract opportunities
  • Contract termination
  • Competitive disadvantage
  • Potential False Claims Act liability
Secure Your Spot Now

Your Complete Path to CMMC Level 1 Compliance

Three progressive workshops that take you from understanding requirements to achieving "Final Level 1 (Self)" status in SPRS

Workshop 1: READY!

CMMC Level 1 Foundations

Understand the 15 basic safeguarding requirements, identify Federal Contract Information (FCI), and learn the self-assessment process.

  • Why CMMC Level 1 matters
  • Define FCI and assessment scope
  • All 15 practices explained
  • Self-assessment process overview
Duration 60 minutes
MOST POPULAR

Workshop 2: AIM!

Implementing the 15 Practices

Learn practical implementation strategies, develop policies and procedures, and master evidence collection using the Lionfish Cyber Tackle Box GRC system.

  • Technical control implementation
  • Policy & procedure templates
  • Evidence collection strategy
  • Lionfish Tackle Box demo
Duration 60 minutes

Workshop 3: SUSTAIN!

Continuous Compliance & Assessment

Conduct gap analysis, prepare for self-assessment, navigate SPRS submission, and establish continuous compliance operations.

  • Comprehensive gap analysis
  • Remediation roadmap creation
  • SPRS submission process
  • Ongoing monitoring strategy
Duration 60 minutes

BONUS: Free Personalized Consultation

After completing the workshop series, you'll receive a 45-60 minute personalized consultation where we'll review your specific gaps, set up your Lionfish Cyber Tackle Box account, and create a customized compliance roadmap.

Gap Analysis Review

Tackle Box Setup

Custom Roadmap

Pricing & Support

Why Choose Our Workshop Series

Get expert guidance, practical tools, and a clear path to compliance

Expert-Led Training

Learn from cybersecurity professionals with deep CMMC expertise and real-world implementation experience.

Actionable Frameworks

Get practical checklists, templates, and procedures you can implement immediately in your organization.

GRC System Access

Hands-on experience with Lionfish Cyber Tackle Box, designed specifically for CMMC compliance tracking.

Time-Efficient

Only 3 hours of workshop content plus consultation—maximum impact with minimal time investment.

Cost-Effective

Avoid expensive consultants. Learn to conduct your own self-assessment and save thousands of dollars.

Personalized Support

Get one-on-one consultation tailored to your organization's specific needs and challenges.

Your Journey to Compliance

From enrollment to certification—here's what to expect

1

Register Today

Sign up for the workshop series and receive immediate access to pre-workshop materials and resources.

2

Attend 3 Workshops

Complete all three 60-minute sessions: READY, AIM, and SUSTAIN. Interactive Q&A included in each session.

3

Schedule Consultation

Book your free 45-60 minute personalized consultation to review your gaps and get your Tackle Box configured.

4

Implement & Track

Follow your customized roadmap, implement controls, and track progress using Lionfish Tackle Box GRC system.

5

Achieve Compliance

Complete self-assessment, submit to SPRS, and achieve "Final Level 1 (Self)" status. Win more DoD contracts!

Expected Timeline to Full Compliance

3
Hours of Training
3-6
Months to Implement
100%
Compliance Achieved

What You'll Learn in Each Workshop

Comprehensive, hands-on training covering all 15 CMMC Level 1 practices

Workshop 1

READY! CMMC Level 1 Foundations

Build a solid understanding of CMMC requirements, Federal Contract Information, and the 15 essential practices.

Dec 3, 2024 at 5:00-6:00 PM EST
60 minutes (45 min content + 15 min Q&A)
All stakeholders welcome

Workshop Content:

Why CMMC Level 1 Matters (5 min)
  • • DIB sector threat landscape ($57-109B annual cost)
  • • DoD's mandate to protect Federal Contract Information
  • • CMMC 2.0 three-tier structure explained
What is Federal Contract Information? (5 min)
  • • FCI definition (32 CFR § 170.4 & FAR 52.204-21)
  • • Examples of FCI vs. non-FCI data
  • • Why it matters for your compliance scope
The 15 CMMC Level 1 Practices (15 min)

Access Control (4 practices)

Authorized access, role-based permissions, external connections, public information control

Identification & Authentication (2 practices)

User identification, authentication methods (MFA)

Media Protection (1 practice)

Sanitize or destroy media before disposal

Physical Protection (2 practices)

Physical access limits, visitor management

System Protection (2 practices)

Boundary monitoring, system separation

System Integrity (4 practices)

Patch management, antivirus, malware protection

The Self-Assessment Process (10 min)
  • • Annual self-assessment requirements
  • • Three assessment methods: Examine, Interview, Test
  • • Assessment findings: MET, NOT MET, N/A
  • • Path to "Final Level 1 (Self)" status in SPRS
Defining Your Assessment Scope (5 min)
  • • Enterprise-wide vs. enclave-based approaches
  • • Identifying FCI data flow in your organization
  • • Network segmentation considerations
Getting Started - Your Next Steps (5 min)
  • • Immediate actions to take
  • • Common starting points and quick wins
  • • Introduction to Lionfish Cyber Tackle Box
Takeaways
  • ✓ CMMC Level 1 Practice Checklist (PDF)
  • ✓ FCI Identification Guide
  • ✓ Scope Definition Worksheet
Workshop 2

AIM! Implementing the 15 Practices

Master practical implementation strategies, develop essential documentation, and learn evidence collection techniques.

Dec 10, 2024 at 5:00-6:00 PM EST
60 minutes (45 min content + 15 min Q&A)
IT managers & implementation teams

Workshop Content:

Access Control & Identity Implementation (12 min)
  • • User account management & RBAC setup
  • • Eliminating shared accounts
  • • MFA deployment strategies
  • • External connection authorization workflows
  • • Evidence requirements for each practice
  • • Quick wins: Account audits, disable inactive accounts (1 day)
Physical & Media Protection Implementation (8 min)
  • • Media sanitization procedures (NIST SP 800-88)
  • • Physical access controls (badges, locks, server rooms)
  • • Visitor log and escort procedures
  • • Badge/key inventory management
  • • Quick wins: Lock server room, create visitor log (1 day)
System Protection & Integrity Implementation (12 min)
  • • Firewall configuration and boundary monitoring
  • • Network segmentation (VLANs, DMZ)
  • • Vulnerability scanning and patch management
  • • Antivirus/EDR deployment and updates
  • • Scheduled scanning configuration
  • • Quick wins: Enable firewall logging, verify AV coverage (1 week)
Policy & Documentation Requirements (7 min)
  • • Why policies matter (evidence requirement)
  • • 6 essential policies for Level 1 compliance
  • • Policy template components and structure
  • • Required procedures (provisioning, disposal, patching, etc.)
  • • Version control and approval tracking
Evidence Collection Strategy (3 min)
  • • Evidence matrix: What you need for each practice
  • • Organization strategies (folders, naming, currency)
  • • Evidence types: Documents, screenshots, logs, tests
  • • Using Lionfish Tackle Box for evidence management
Lionfish Tackle Box Demos (Throughout)
  • • Live walkthrough of practice tracking
  • • Evidence repository and organization
  • • Remediation planning with task tracking
Takeaways
  • ✓ Implementation Checklist & Timeline
  • ✓ Evidence Matrix Template
  • ✓ Policy & Procedure Templates (6 policies)
  • ✓ Technical Configuration Guides
Workshop 3

SUSTAIN! Continuous Compliance & Assessment

Prepare for self-assessment, submit to SPRS, and establish ongoing compliance monitoring.

Dec 17, 2024 at 5:00-6:00 PM EST
60 minutes (45 min content + 15 min Q&A)
Leadership & compliance teams

Workshop Content:

Conducting Your Gap Analysis (12 min)
  • • Gap assessment framework for all 15 practices
  • • Gap classification: Complete, Partial, Documentation, Evidence
  • • Prioritization matrix: Risk × Effort = Priority
  • • Live example: Analyzing common gaps
  • • Interactive exercise: Self-score your top 5 practices
Remediation Roadmap (10 min)
  • Phase 1: Quick wins (0-30 days) → 60% compliance
  • Phase 2: Short-term implementation (30-90 days) → 85% compliance
  • Phase 3: Long-term projects (90-180 days) → 100% compliance
  • • Resource allocation: Internal staff, external support, budget
  • • Typical costs: $15K-$50K total investment
Self-Assessment Preparation (10 min)
  • • Assessment readiness checklist
  • • Evidence review and validation
  • • Interview preparation for staff
  • • Test demonstrations (MFA, unauthorized access, scanning)
  • • Mock assessment best practices
  • • Internal vs. third-party assisted options
SPRS Submission Process (5 min)
  • • What is SPRS? (Supplier Performance Risk System)
  • • Registration requirements (CAGE Code, UEI)
  • • 10-step submission process walkthrough
  • • Senior official affirmation requirements
  • • Annual re-assessment requirements
Continuous Compliance Operations (5 min)
  • • Ongoing monitoring by practice (frequencies and tools)
  • • KPIs to track: Compliance %, evidence currency, vulnerability age
  • • Process integration: Onboarding, offboarding, change management
  • • Annual assessment calendar
  • • Using Lionfish Tackle Box for continuous monitoring
Takeaways
  • ✓ Gap Assessment Workbook
  • ✓ Remediation Roadmap Template
  • ✓ SPRS Submission Guide
  • ✓ Continuous Monitoring Checklist

Who Should Attend

This workshop series is perfect for:

Defense Contractors

Prime contractors and subcontractors handling FCI

Business Owners

CEOs and executives responsible for compliance

IT Managers

IT directors and sys admins implementing controls

MSPs

Managed service providers supporting DoD clients

Frequently Asked Questions

How long does it take to achieve Level 1 compliance?

Most organizations take 3-6 months to achieve full compliance, depending on current security posture and available resources. Our workshop series and consultation will help you create a realistic timeline for your organization.

Do I need Level 1 or Level 2 CMMC?

It depends on your contracts. Level 1 (15 practices) is for contractors handling Federal Contract Information (FCI). Level 2 (110 practices) is required for Controlled Unclassified Information (CUI). Check your contract requirements or consult with us during your free consultation.

Can I do the self-assessment myself or do I need help?

Both options are valid! You can conduct an internal self-assessment or hire a third-party to assist. Both result in "self-assessment" status. Our workshop series equips you to conduct your own assessment, potentially saving thousands in consulting fees.

What does CMMC Level 1 compliance typically cost?

Costs vary widely based on your current gaps and environment size. Typical investments range from $15,000-$50,000, including software licenses, hardware (badge systems, etc.), and potential consulting support. We'll help you estimate costs during your personalized consultation.

What is the Lionfish Cyber Tackle Box?

Lionfish Cyber Tackle Box is a GRC (Governance, Risk, and Compliance) system specifically designed for CMMC compliance. It helps you track all 15 practices, organize evidence, manage remediation tasks, and prepare for assessments. Workshop attendees receive a free consultation including Tackle Box setup.

What happens if I fail the self-assessment?

If you identify gaps during your self-assessment, you simply remediate those gaps and reassess. You should NOT submit to SPRS until all 15 practices are MET or N/A. Our workshop teaches you how to identify and close gaps before your official assessment.

Is attendance required for all 3 workshops?

While we highly recommend attending all three workshops for comprehensive understanding, each session is designed to provide standalone value. However, to qualify for the free personalized consultation, completion of all three workshops is required.

Ready to Achieve CMMC Compliance?

Register now for our free 3-part workshop series and get started on your path to compliance

100% Free Training
Free Consultation ($500 value)
Downloadable Resources
Expert Q&A Support

Register for Workshop Series

Fill out the form below to secure your spot

Trusted by defense contractors nationwide

CMMC Certified
Secure Training
Industry Experts