CyberSheath ensures compliance with new cybersecurity standards for defense contractors
CyberSheath launched its Managed IT Services for Defense Contractors to ensure compliance with the new cybersecurity standards for commercial contractors of the United States government.
The managed services include a Shared Security Compliance Framework to ensure compliance for both DFARS Clause 252.204-7012 / NIST SP 800-171 and the new DFARS 252.204-7019-7021 CMMC requirements.
When combined with CyberSheath’s existing Managed Compliance and Security Services, the new Managed IT Services cover the full spectrum of managed services needs for most U.S. Defense Industrial Base (DIB) contractors.
CyberSheath has long recognized that a large part of IT delivery, tasks such as patching and asset management, are foundational to NIST 800-171 and CMMC compliance, and customers need a force multiplying solution for Managed IT services.
This offering is only available to defense contractors and uniquely built to make CMMC and NIST 800-171 compliance a natural outcome of day-to-day operations.
This new consolidated solution is anchored on Microsoft technology or Microsoft Solution Partner technology, but flexible enough to “meet you where you are.” It has the distinct ability to add compliance or security-as-a-service either upon initial onboarding, or at any time during the subscription period.
As a “Hosted Compliance,” it combines elements of MSSP and Managed IT and uses a Microsoft-focused technology stack, including Azure Government Blueprints, Microsoft 365 Government (GCC High), and the full strength of the vast Department of Defense (DoD)-approved Microsoft security portfolio.
CyberSheath’s CMMC Managed Services future-proof clients against CMMC policy changes and new implementation requirements.
“Any defense contractor that fails to comply with the CMMC will not be doing business with the DoD moving forward as the DoD now prevents non-compliant contractors from participating in DoD contract awards,” said Andy Shooman, COO at CyberSheath Services International.
“Our IT managed services are built for the many defense contractors, both Primes and Subs, that still don’t fully understand the DFARS requirements and believe that their weakest link to compliance may be their existing IT services.
Simply put, the new DFARS rules raise the stakes and companies that don’t quickly become compliant will be left out of DoD contracts. Our IT managed services ensure that doesn’t happen.”
The U.S. Department of Defense (DoD) established the CMMC as a new security measure to protect Controlled Unclassified Information (CUI), Federal Contract Information (FCI), and other sensitive data residing on systems and networks owned by defense contractors.
The DoD requires all of its contractors and suppliers to comply with the new CMMC standards at a given level and undergo a certification process based on review by an accredited third-party assessment organization prior to contract award.
CyberSheath uses a proven AIM (Assess – Implement – Manage) methodology to meet defense contractors where they are and bring them up to standard both for existing regulatory requirements and CMMC.
CyberSheath offers five CMMC levels of assured compliance, ranging from premise-based technology companies to cloud-driven FedRAMP High environments.
Leveraging AIM to identify gaps against CMMC requirements, CyberSheath quickly implements any needed changes and revises architectures to maintain desired levels of CMMC compliance.
CyberSheath takes ownership of CMMC compliance, leveraging a Shared Responsibility Model, a concept uniquely adapted from cloud providers and applied to CMMC Managed Services.
This management framework dictates the security obligations of a CMMC compliance environment and its users to ensure accountability and define where and how security measures should be applied, with a special focus on CUI and other sensitive government data. The result is a self-reinforcing model that reduces the burden on government contractors and ensures compliance.
“Frankly, defense contractors have seen a lot of changes in cybersecurity compliance over the past year, but we have been delivering audit-ready, U.S. DoD compliance-focused managed services for more than five years in response to the original NIST 800-171 requirements and know we can assist contractors expeditiously with their needs,” said Mr. Shooman