Our Chief Information Security Officer, Josh Ablett, is a CMMC-AB Registered Practitioner.
NIST 800-171 contains 109 specific things that you, as a government contractor, must have to help protect the United States against cyber security attacks. And, in 2021, the CMMC is coming to enforce your adherence.
These regulations are required and non-compliance will result in the loss of your contract with the government.
But don’t worry — if you’re not compliant, you’re not alone. Here’s the quickest and easiest way for you to prove CMMC and NIST 800-171 Compliance.
Do you have proof of CMMC and NIST 800-171 Compliance?
Hackers want to learn what you sell to the government (and in what amounts) to gain intelligence about US government activity and military plans. By implementing NIST 800-171, the DoD is trying to make that harder for cyber attackers.
Your customers will soon start auditing your compliance with NIST 800-171 (if they haven’t already). When they do, they’re not going to accept a simple “yes” or “no” answer.
You need proof of compliance.
You need to prove that your computers are protected against hackers. You need to prove that your staff knows how to handle confidential government data. You need to prove that your team knows how to spot a cyber attack AND how to handle it responsibly. And, most importantly, you need to protect your revenue by proving that you were open and transparent when you said “yes, we comply with NIST 800-171.”
The Solution: Adelia Risk Cyber Security as a Service
Adelia Risk will:
Assess your business and identify your gaps with NIST 800-171
Develop a plan to demonstrate compliance at the lowest possible cost
Provide added protection against breaches and malware
Teach your staff how to practice good cyber security
Provide evidence for customers and regulators to prove you take cyber security seriously
You Get the Complete Solution
Annual risk and gap assessment – we find the gaps between your company and NIST 800-171/CMMC, and help you fix them.
Sensitive data inventory – where are your “crown jewels” that need to be protected from hackers?
Third-party vendor risk review – how are your downstream vendors exposing you to hackers?
Train your users on common cyber security fails – monthly training videos that take less than 5 minutes and are actually fun.
Detect suspicious activity – monitor your firewall logs for signs of an attack.
Secure computing – checklists and tests to make sure your computers are configured properly.
Secure mobile devices – checklists and tests to make sure your smartphones and tablets are configured properly.
Incident response tests – quarterly fake phishing attacks that will test how your employees will behave in a real attack.
User security tests – quarterly sessions with key users to confirm that your security systems are working as they should.
Find the vulnerabilities hackers use – quarterly scanning of your key systems and of your network like a hacker would.
Monitoring for suspicious changes – ongoing monitoring of your network and DNS records for signs of a hack.
Executive cyber security briefings – semi-annual sessions to review the health of your security and make changes.
The package described above meets the requirements of most firms who need CMMC and NIST 800-171 Compliance. Depending on your situation, though, you may also need additional solutions.
We pride ourselves on outfitting government contractors with security that meets their needs but isn’t overkill. We’ll learn about your business and customers and then give you a crystal-clear picture of what you need and why.
Common examples include:
Secure Web Browsing Add-On
Email Security Add-On
Email URL Defense
Fully Transparent Secure Email
Support during NIST 800-171 Audits
Employee activity monitoring
Data Loss Prevention
User Permission Reviews
Disaster Recovery testing
Monitoring for stolen credentials
Website security monitoring
Ready to learn more? Call us at 888-646-1616 or book a free strategy session.