Problems
In the summer of 2019, SysArc began consulting a mid-sized environmental company in the San Francisco Bay area. This organization, an entity with 400 employees, ensures that Department of Defense (DoD) projects are meeting environmental laws and standards.
Like many other DoD contractors, this company faced the prospect of complying with new and emerging CMMC regulations. They enlisted SysArc to get their systems and security up to date and to keep them at top functionality throughout the rollout of CMMC.
Solutions
We began by conducting a full Security Assessment against the NIST 800-171 standards. We completed their assessment in one week and promptly provided them with recommendations the next. They immediately signed on for continued assistance due to our skilled evaluation and timely, communicative process.
We were able to implement their cybersecurity program and help them become DFARS compliant in a very quick turnaround. We helped the client create and implement a System Security Plan (SSP) and Plan of Action & Milestones (POA&M). SysArc then continued working alongside their IT team to provide all the cybersecurity services necessary to fill compliance gaps. We created a tailored, managed solution suited specifically to their needs and vulnerabilities.
We continue to help this client far beyond just an initial analysis and remediation by providing continual managed cybersecurity services that keep them up to date, including the following services:
- Security information and event management (SIEM)
- Security Operations Center (SOC) Services
- Security Policy Creation and Updates
- Implementing cybersecurity awareness training
- Managing their multi-factor authentication (MFA) solution
- Completing vulnerability scanning on a monthly basis
- Providing Cybersecurity Program Oversight & Management (fractional CISO Services)
Results
SysArc aided this environmental agency with timely, knowledgeable service to help them update and improve their cybersecurity to meet compliance standards and continually maintain advanced security measures.
They also gained a competitive advantage due to their desire to rapidly achieve compliance ahead of their competitors. Their proactive approach proved to the DoD that they are taking compliance seriously and that they have a mature cybersecurity program in place, putting them in an advantageous, trustworthy position moving forward.
They also have many subcontractors that they are required to flow CMMC requirements down to, and they now have the knowledge of how to help their subcontractors go down this path. The knowledge that their partners are also secure is another asset to their credibility and security that gives them a competitive advantage.
Because they got up to date with DFARS regulations and continue to keep their cybersecurity continually advancing with SysArc’s help, this company is now secured with advanced cyber protection and much better prepared to continue reacting quickly to new CMMC changes so they can be in a better position to win future contracts.
SysArc has helped over 700 DoD contractors throughout the U.S. navigate the complexities of DFARS, NIST 800-171, and now CMMC. Through our many experiences, we’ve fine-tuned several solutions that enable our clients to prepare to achieve compliance faster and at a lower cost compared to other solutions that have been popping up in the market recently.
Not ready for an assessment? Read our detailed Preparation Guide to CMMC, or visit our CMMC News section for the latest news an updates from the CMMC accreditation Body.