Opening Remarks from the Co-Chairs

Jennifer Brown
Director of Security
iDirect Government

Antonia Tzinova
Partner
Holland & Knight LLP

Restructuring Proxy Agreements

Restructuring Proxy Agreements: Determining When It Makes Sense to Restructure to Another FOCI Mitigation Agreement: Key Considerations, Timelines and Processes

Shona Nietsche

Norman E. Pashoian
Industrial Security Consultant
White & Case LLP

• How to meet DSCA expectations when restructuring foreign ownership, control, or influence (“FOCI”) mitigation agreements
• Expected timelines and what can cause delays
• Weighing the pros and cons, and the impact of each type of agreement
• Examining the relationship with the foreign parent, how it differs under a Proxy Agreement, a Special Security Agreement, and a Security Control Agreement or other agreements
• Appointing an inside director under a Special Security Agreement following a PA restructuring

Affiliated Operation Plans in Practice

Top 5 Pitfalls to Avoid When Submitting AOPs and Seeking Approval

Curtis H. Chappell
Vice President, Corporate Security
Thales Defense & Security, Inc.

Heather L. Finstuen
Partner
Covington & Burling LLP

• Best practices and pitfalls to avoid when drafting and submitting an AOP, including:
• Describing Services: Who is providing the affiliated operation, to whom, costs and benefits
• Implementing Services: How will affiliated operations be implemented and are they mandatory?
• Technology: What is being utilized, who has ownership, types of information being shared, and frequency of interaction
• Key strategies for mitigating and managing affiliated operations
• Developing internal steps to ensure you are properly mitigating potential risks, including:
• Review of services: internal steps to ensure compliance with mitigating procedures, and how the FSO and Technology Control Officer (TCO) ensure compliance

Networking Break

The Finer Points of Navigating Overlapping CFIUS and DCSA Jurisdictions: Special Considerations for Filing, Reviewing and Transaction Due Diligence

Dustin D. Dwyer
Chief, Mitigation Strategy Unit
Defense Counterintelligence and Security Agency (DCSA)

Antonia Tzinova
Partner
Holland & Knight LLP

William E. Cooper
Attorney Advisor Office of the General Counsel
U.S. Department of Homeland Security

• Examining new forms, commitment notices, and processes for both CFIUS and DCSA
• How does CFIUS involvement affect DCSA timelines compared to when there is no CFIUS involvement
• Assessing the key provisions of the recent CFIUS reform (FIRRMA)
• Understanding how FOCI blends into the CFIUS review process, and the risks of undue transaction delays
• Identifying and addressing FOCI issues during due diligence and in transaction documents
• Analyzing the effects that FIRRMA has on companies at varying points in the FOCI mitigation and CFIUS approval processes
• Developing a strategy for managing the FOCI and CFIUS processes in tandem
• Best practices for coordinating with government, transaction parties, and outside counsel

Networking Luncheon for Speakers and Delegates

FOCI MITIGATION AGREEMENT CASE STUDIES

How Companies are Now Structuring and Implementing Mitigation Agreements and Addressing Expected (and Unexpected) Challenges: The Nuanced Role of the National Interest Determination (NID) and More

Jennifer Brown
Director of Security
iDirect Government

Drew R. Winneberger
President
Winn Consulting Solutions, LLC
Outside Director, Wood Programs, Inc.
Proxy Holder, Trustwave Government Solutions

• How does DCSA assess business structure in the context of mitigation agreements?
• Ensuring your mitigation agreement aligns with your company’s needs
• How to set up new businesses to anticipate FOCI mitigation
• Understanding the scope of FOCI commitments when making agreements, and that the long-term effects on business structure
• What happens to a FOCI mitigation agreement when a private company becomes public?
• Review of real-world case studies and examples
• How important is it to have a National Interest Determination (NID) — and the role of the NID within a proxy or an SSA

Perspectives from Outside Directors and Proxy Holders: Their Evolving Role, Meeting DCSA Expectations

Mary Griggs
Current Outside Director, Former Director, Industrial Security
Defense Counterintelligence and Security Agency

Wayne Chin
Manager, Mitigation Strategy
Defense Counterintelligence and Security Agency (DCSA)

• Discussing what qualifications or criteria make for a good outside director and proxy holder
• How to meet government expectations and annual reporting standards
• Meeting expectations for site visits and how DCSA now supervises compliance
• How to support your FSO in ascertaining priorities
• Knowing when your company is a target for a security threat
• How (and how not) to address compliance concerns and issues as they arise

Networking Break

PANEL

Insider Threat Analysis and Risk Management

Jennifer Brown
Director of Security
iDirect Government

Mary Griggs
Current Outside Director, Former Director, Industrial Security
Defense Counterintelligence and Security Agency

Anthony King, MBA, ISP^®
Director of Security
Robotic Research OpCo, LLC

Antonia Tzinova
Partner
Holland & Knight LLP

Craig Salvatore
Senior Director, Security Risk & Compliance
Comcast

CHAMPAGNE ROUNDTABLES

Insider Threat Analysis and Risk Management for Classified Contracts amid a Remote and Hybrid Workforce: Security Standards, Monitoring Requirements and Controlling Access

Jennifer Brown
Director of Security
iDirect Government

Anthony King, MBA, ISP^®
Director of Security
Robotic Research OpCo, LLC

Mary Griggs
Current Outside Director, Former Director, Industrial Security
Defense Counterintelligence and Security Agency

Antonia Tzinova
Partner
Holland & Knight LLP

Craig Salvatore
Senior Director, Security Risk & Compliance
Comcast

Back by popular demand! Delegates are invited to break out into smaller group discussion tables to trade experiences and lessons learned for confronting the challenges of maintaining security standards amid a remote and hybrid workforce. Facilitators will guide the conversation to identify the latest best practices.
During the latter part of the session, each table will share their findings with the whole group, followed by audience Q&A.
Topics of discussion will include:

• How is your remote workforce communicating with a foreign parent company?
• How are you monitoring requirements?
• Where are contracts being executed?
• Who has access, and how many people have access, to contracts?

Closing Remarks from the Co-Chairs, Conference Adjourns

Remarks from the Co-Chairs

Supply Chain Threats Affecting Manufacturing and the Defense Industrial Base: New Security and FOCI Considerations Impacting Product Sourcing and Contract Performance

Jeffrey P. Spinnanger
Director, Critical Technology Protection
Office of the Under Secretary of Defense (Intelligence & Security)

The U.S. Department of Defense report entitled, Securing Defense-Critical Supply Chains, released in February 2022, recommends front-end assessment of a program’s acquisition strategy to ensure a resilient supply chain. This session will address the increased scrutiny being placed on U.S. acquisitions and will discuss actionable FOCI mitigation applications.

• Examining new national security focus areas for supply chain, including Kinetic capabilities, Energy storage and batteries, Casting and forging, and Microelectronics
• Analyzing the reports, newly identified “strategic enablers” and how they may cause national security risks, including: Workforce, Cyber poster, Manufacturing and Small business
• Ensuring the parent company is aware of security concerns when introducing foreign products into the United States
• How does the parent company ensure and validate that all the materials of the product are sourced in the U.S., and not a foreign company?

ECPs and TCPs for the IT Manager

How to Ensure Your Electronic Communication Plan (ECP) and Technology Control Plans (TCP) Now Meets New Cyber Security Criteria

Chad A. Nix
Corporate Security Officer
Ultra Electronics Defense, Inc. (UEDI)

Adam MacVean
Corporate Information Systems Security Manager
Ultra Electronic Defense Inc.

• What is the requirement for monitoring data for potential real attacks?
• Knowing who has access to data and know how communication is flowing
• The latest on how systems are protected, including firewalls, system architecture and passwords
• Communicating security measures to outside directors and other key company players
• Meeting expectations for recordkeeping and logs
• Examining and testing compliance
• How are classified contracts being viewed under CMMC
• How unclassified data is now being protected
• How the new DoD cyber security clause is different from earlier versions
• Safeguarding sensitive information
• Enhancing DIB cybersecurity to meet evolving threats
• Ensuring accountability while minimizing barriers to compliance with DoD requirements
• Instilling a collaborative culture of cybersecurity and cyber resilience
• Meeting continuous certification requirements for information systems

Networking Break

C-LEVEL EXECUTIVE PANEL

Corporate Leaders Discuss the Impact of FOCI on Company Priorities, Strategy and Growth for the Future

Michelle D. Hertz
Vice President, General Counsel & Corporate Secretary
CGI Federal Inc.

RC Thompson
CEO
Tactical Air Support Inc.

Chad C. Puffer
Vice President, Head of Security
Saab, Inc.

• How can a foreign national appointment affect your security clearance?
• How will changes to company structure affect National Security Agreements and Proxy Agreements?
• How will company changes affect a company’s National Interest Determination (NID)

How Updated Government Processes are Changing How You Report Foreign Contacts, Visits, Travel and Cleared Personnel: Key Takeaways on the Adjudicative Guidelines and SEAD 3, Supplemental Documents and More

Sheila Garland
Senior Security Manager
Raytheon Intelligence & Space

The new Adjudicative Guidelines and Security Executive Agent Directive (SEAD) 3 with a focus on foreign travel, will take effect as of August 2022. This session will look at supplemental documents, including the contacts and visits policy, foreign travel and cleared personal policy.

• Reporting Foreign Contacts and visits to foreign parents
• Examining clearance for travel to hazardous countries for Sensitive Compartmented Information (SCI)-cleared individuals
• How to report foreign travel outside of the United States
• Meeting expectations for security briefings before any foreign travel, whether for personal or business reasons
• Key misconceptions about visits, and what is considered a “routine business” visit

Closing Remarks from the Co-Chairs, Conference Concludes