Manufacturers that want to retain their DoD, GSA, NASA, and other federal and state agency contracts need to have a plan that meets the requirements of NIST SP 800-171.
The reason behind these regulations is to prevent controlled unclassified information from falling into the wrong hands. According to the 2018 Data Breach Investigations Report by Verizon, public sector entities such as government organizations accounted for 14% of breach victims. In addition, the manufacturing industry, which contracts with the DoD to produce everything from missiles and other weapons to airplanes and computer systems, was also greatly impacted by breaches.
One of the first steps manufacturers need to take is to identify where gaps exist that prevent them from being compliant with Defense Federal Acquisition Regulation Supplement (DFARS) and NIST SP 800-171.
Retain Federal and State Agency Contracts
Industry at HIGH Risk
Identify Gaps, Plan, and Execute
Maintain Compliance with DFARS and NIST SP 800-171
First Call worked collaboratively with CM Manufacturing on a year-long project to bridge the gaps and vulnerabilities found during a NIST Cybersecurity audit. A project of this scope comes with a lot of change. Our solution was a multi-phase project aimed to align business operations with NIST guidelines and compliance regulations while managing change for staff. Each quarter we methodically planned our work, working our plan, and moving the proverbial bar closer and closer toward regulatory compliance.
Projects Implemented at CM Manufacturing include:
New Server Implementation
Implementation of NIST 800 Compliant Spam Filter
Hard Drive Encryption on Servers and Workstations
Migration from On-Premise Exchange (email) to Office 365 Hosted Exchange (email)
Hybrid Backup Solution with Local Backups and Cloud Replication
NIST-800 is a cybersecurity compliance requirement for DOD contractors which is very involved. CM and FirstCall worked out a project timeline in order to become compliant. I am pleased with the project timeline as well as First Call taking the lead and moving this project to completion. CM does not have the time nor the expertise to manage a project such as NIST-800. In today’s cyber threat world it is imperative that organizations implement a standard that mitigates the risk of cyber-attacks. One has to be proactive to these threats as being reactive can create serious threats to the operational success of the organization.
Let's Work Together!
Schedule a FREE Cybersecurity Consultation with one of our Cybersecurity Specialists to learn more about how to improve your business’s security, and start taking action!