The CS5 West conference kicked off on April 16, 2026, at the Gaylord Pacific Resort in San Diego. Widely regarded as the premier national event for the CMMC ecosystem, CS5 combines the former CEIC, CS2, and CMMC Implementation Conference into one powerhouse gathering. Produced in collaboration with the Cyber AB, it attracts industry experts, assessors, solution providers, and organizations seeking CMMC Level 2 certification.

Having attended the series multiple times, I walked away with three standout takeaways worth sharing: the impressive growth of Women in CMMC, persistent contradictions in guidance that continue to frustrate organizations, and a major structural shift announced by the Cyber AB. And of course, ladies first. 

Women in CMMC: Building Momentum in a Male-Dominated Field

The Women in CMMC gathering provides an exclusive space for female professionals across the CMMC ecosystem. Assessors, instructors, business development leads, and technical points of contact came out to network, collaborate, and support one another.

“Women of CMMC are creating an immediate safe space for its members to be the expert without fear of what anyone else thinks. As well as laugh your booty off. In the end, it's about building a community.” - Koren Wise, Wise Technical Innovations

In a field that remains heavily male-dominated, this event stood out for its energy and attendance. Approximately 30 women participated this year, up significantly from the roughly 10 who attended similar sessions in prior years. The growth signals real progress. .

My wife, a K-12 educator transitioning into the CMMC space, attended her first event and was welcomed with open arms. She quickly connected with key players and left energized by the opportunities she saw. Initiatives like this are vital for helping more women realize their potential and drive better outcomes across the ecosystem.

Contradicting Information: The Consistency Challenge in CMMC

As an authorized lead assessor and leader at a C3PAO for over three years, I frequently hear the same frustration from business owners and technical points of contact: “You’re telling me A, but another expert just said B. Which one is right?”

This lack of uniformity is a legitimate pain point. At CS5, it played out in real time. One session warned against including future-state details in the System Security Plan (SSP), arguing that assessors cannot evaluate evidence for controls that do not yet exist. Less than two hours later, another speaker emphasized the value of demonstrating “operationalized” practices, even for organizations that do not currently handle CUI but must achieve Level 2 certification due to prime contractor requirements.

Well, who is correct? When I completed CCA training years ago, instructors emphasized uniformity in interpreting requirements. That consistency has yet to scale across the ecosystem. As a result, organizations seeking certification face ongoing uncertainty: What is the right approach? How much should we spend? What are realistic timelines versus artificial ones?

This is precisely why Koniag Cyber has offered a warranty on its work products since 2021 (when our CMMC business was known as SoundWay). 

We cannot guarantee a passing assessment, but if our recommendations are implemented as prescribed and a negative finding arises from another C3PAO, DIBCAC, the Department of Justice, or a state attorney general, our experts will defend our client’s position, at no additional cost, for up to 40 man-hours. Following Koniag Cyber’s acquisition of SoundWay, we continue this commitment to excellence and client protection.

Major Cyber AB Announcement: A New Engagement Forum

On day one, Cyber AB CEO Matthew Travis announced a significant operational shift. A new Engagement Forum (EF) will take ownership of several key initiatives:

• Overhauling the Practitioner Program
• Updating the CMMC Marketplace 2.0
• Owning the CMMC Book of Knowledge
• Supporting External Service Providers (ESPs)
• Driving greater engagement with the Defense Industrial Base (DIB)
• Hosting CMMC Town Halls

This new forum will be led by Mike Snyder, the current Executive Director of Ecosystem Engagement. 

The Cyber AB itself will now focus exclusively on core accreditation and oversight functions: authorizing and accrediting C3PAOs, overseeing the CAICO, publishing and updating the CAP, enforcing the Code of Professional Conduct, and adjudicating elevated appeals.

This division of responsibilities appears designed to improve collaboration and support across the ecosystem. More details on the EF are expected during the next Town Hall on April 28 at 6:00 PM ET.

The Bottom Line on CS5 and a Sincere Happy Ending

CS5 featured more sellers than buyers, a challenge not unique to this event. Many sessions revisited familiar topics that no longer feel fresh in 2026. Yet the conference underscored a broader reality: CMMC requirements are creating real pressure on small and medium-sized businesses. Primes like General Dynamics, SAIC, Leonardo, Raytheon, and now L3Harris are forcing the issue, leaving subs with a clear choice, comply or risk losing their place on the team.

On the final day, even as many vendors were packing up, I took part in the final session and to my surprise, the panel was very well attended. Our topic? The pros and cons of mock assessments which were chock full of real-world anecdotes and experiences. It was a lively discussion with great audience engagement and clearly a topic on many attendee’s minds. 

For more information on our CMMC services visit here or better yet, send me an email at cschoenberg@koniagcyber.com, I’d love to hear from you.