How to meet federal encryption deadlines before September: a guide for DoD contractors
Four federal encryption deadlines land within seven months of each other. On September 21, 2026, FIPS 140-2 certificates move to Historical status. Seven weeks later, DoD contracts handling CUI require third-party CMMC Level 2 certification. Assessors check whether your infrastructure runs FIPS-validated cryptography. Post-quantum requirements for National Security Systems follow in January 2027.
After this session, you will understand:
Assess your FIPS 140-2 risk before Sept 21 to protect contract eligibility
Understand FIPS mode vs. FIPS 140-3 validated cryptography
Map federal deadlines to your compliance needs across regulated industries
Who should attend?
CISOs, program managers, and compliance leads at defense contractors, ISVs and platform vendors, federal suppliers, and regulated organizations responsible for cybersecurity posture and contract eligibility decisions
Panelists
Brian Dawson, Director of Product Management, CIQ
Dave Dickerson, Senior Director of Sales and Partnerships, CIQ
Jeremy Allison, Distinguished Engineer, CIQ
Hope Lynch (moderator), Director of Product Marketing, CIQ
Agenda preview
Why traditional Linux waits for patches, and how RLC-Hardened fights back
LKRG deep dive: runtime kernel protection that detects exploitation as it happens
The layered defense stack: how LKRG + hardened_malloc + hardened glibc make your foundation hostile to attackers
From 40+ hours to 30 minutes: automated STIG compliance in RLC-Hardened
Real ROI: how security-first architecture saves 1-3 FTEs annually
