CMMC & NIST SP 800-171 Compliance

Compliance Without Complexity™

Our Mission is to Protect Your Business 

There are thieves casing your business. And when they’re ready to steal, they won’t pull up in a van in the middle of the night. They will take what they want in broad daylight. Right out from under your nose. And they’ll be miles away when they do it.

The Department of Defense (DoD) is well aware of this. And they are serious that you be, too. With the coming of CMMC, no longer will self-assessment for NIST SP 800-171 compliance be business as usual. While DFAR 7012 allows for self-attestation, DFAR 7021 will require a third-party audit by accredited C3PAOs (Certified 3rd Party Assessment Organizations) in order for you to continue working on any DoD contracted projects. And, you will need to meet compliance for one or more of the five defined levels of cybersecurity depending on the projects you’re working on. For contractors only handling FCI (Federal Contracting Information) Level 1 will be required which encompasses 15 practices. For contractors handling CUI (Controlled Unclassified Information, think ITAR and 600 Series) you will need to meet Level 3 which requires meeting 130 practices (NIST 800-171s 110 controls plus 20 CMMC practices). Contracts will begin requiring CMMC in the latter part of 2020 and be phased in over the next 5 years.

Sound scary? It’s not. In fact, it’s an opportunity to prosper.

We are CyberNINES, a Service-Disabled Veteran-Owned Small Business, a CMMC Registered Provider Organziation (RPO), and a Candidate Certified 3rd Party Assessment Organization (C3PAO), that offers high value and affordable CMMC & NIST SP 800-171 assessments, audits and compliance management for small to mid-size manufacturers in Wisconsin and Minnesota like yourself. And we have developed a cost-effective, turnkey program to not only ensure compliance but help position your business for opportunities to land more DoD contracted work. Even better, it requires minimal effort on your end.

We call it Compliance Without Complexity™. You can simply call it done.

%

43% of cyber attacks are against small to medium sized businesses

%

70% of a business's annual revenue is the average cost of a data breach

%

60% of those that have a data breach suffer a significant negative impact to business operations.

Scott Singer, CyberNINES President, and Matt Frost, CyberNINES Consultant, sat down with WisconsinEye to discuss the importance of small business cybersecurity protection and its best practices