Cyber Compliance made easy

COMPLIANCE WITHOUT COMPLEXITY™

Ready for your eyes to glaze over? Neither are we. The complexity of compliance from assessment, to development of the Plan of Actions and Milestones (POAM), to documentation including the preparation for the upcoming Cyber Security Maturity Model Certification (CMMC) is nothing you’ll need to burden yourself with. Because all of that is our job.

We not only provide assessment, security and protection services from cybersecurity threats for small and medium sized manufacturers in Wisconsin and Minnesota, we offer you Compliance Without Complexity. Our customized, cost-effective turnkey program to managing and maintaining your cybersecurity for years to come.

From an audit to assessing your security vulnerabilities and deficiencies, to developing a POAM to address those needs, to executing the POAM, to developing and submitting documentation for securing compliance, to helping you achieve new levels of compliance that can open doors to more business. We handle it all.

And, we do so by requiring a minimal amount of your time. So, you can keep an eye on what you do best.

 

l

1. Assess

 

Comprehensive Vulnerability Assessment

Evaluate small business network scope and needs while providing accurate vulnerability assessments.

~

2. Secure

Mitigation

Apply lessons learned within the assessment to build a plan and develop processes to strengthen security footprint.

3. Protect

Ongoing Managed Services

Execute planned initiatives, report results, and fight against complacency.

Our Services Include

  • Comprehensive Vulnerability Assessments (CVA) that assess NIST SP 800-171 and CMMC compliance gap analysis
  • Plan of Actions and Milestones (POAM) – Creation and on-going management
  • Cybersecurity forensics and remediation services
  • Cybersecurity solutions design and implementation
  • Securing companies by providing best practices and solutions
  • Managed Security Services  – Protecting companies by providing management and support services with annual audits and security focused services
  • GDPR consulting for US companies needing to do business or manage data from the UK and EU
  • Meeting UK Cyber Essentials requirements
  • Business Process Reengineering Analysis
  • Security Educational Programs and Training

What is NIST 800-171?

The National Institute of Standards and Technology (NIST) 800 is a business-oriented cybersecurity standard that provides guidelines, technical specifications, recommendations and annual reports to help keep business’s information safe.

DoD Supply Chain Organizations

NIST 800 is a business-oriented cybersecurity standard that provides guidelines, technical specifications, recommendations and annual reports to help keep business’s information safe. This standard became a requirement in January 2018 for companies working with controlled unclassified information (CUI) anywhere along the Department of Defense (DoD) supply chain. DoD affiliates that fail to reach compliance risk losing their federal contracts. NIST 800-171 compliance is highly recommended for businesses unaffiliated with the DoD. Failure to meet these standards increases vulnerability to cyber-attacks, which can severely damage or even destroy a business. 

There are over 300,000 companies in the US Defense Industrial Base. Most of those companies are small companies with less than 500 employees. The requirements imposed by the CMMC framework are difficult and near impossible for a small business to meet on their own. They will need a cost effective solution to be compliant. The standard was released in January 2020 and the plan is to pilot it with a subset of contracts pulling in up to 1000 suppliers for audit. CMMC certification will be phased in to all DoD contracts over the next five years. 

In the meantime, companies still need to self-certify that they meet NIST SP 800-171. This publication defines policies that apply to all prime and subcontractor companies conducting business with the Federal Government.

Many businesses  need to look at their supply chain to ensure compliance with NIST security standards.

Critical Transportation & Energy Sector Data

Financial Data on Accounts, Bank Transfers, and Financial Reports

Personally Identifiable Information and Regulated Data

Tax, Census, & Sensitive Population Information Data

Patient Records and Information

Law Enforcement Data: Case Files, Personal Identifying Information

Reports and Data Designated as CUI or NATO Restricted

Immigration Data: Status, Visa Status, and Asylees

Military Personnel Records

Non-DoD Supply Chain Organizations

NIST 800-171 compliance is highly recommended for businesses unaffiliated with the DoD. Failure to meet these standards increases a business’s vulnerability to cyber-attacks, which can severely damage or even destroy a business. All companies should follow this standard to keep their information safe. We can help you get there.