Infinity Fuel Cell Establishes Cybersecurity Compliance for Government Contracts

Logo for INFINITY, text in bold black with blue and green arcs.

"Thanks to CONNSTEP the compliance process was not as overwhelming as it could have been. They helped us not to overwork or over engineer things that we already had in place. They also kept us focused and provided good guidance. It’s an ongoing process which we are better prepared for now."

—Bill Davis, Controller, HR Director, Infinity Fuel Cell and Hydrogen, Inc.

Established in 2002, Infinity Fuel Cell and Hydrogen leverages its years of military and space fuel experience designing the next generation of air-independent fuel cells and regenerative fuel cells. With support from NASA and other U.S. government agencies, Infinity has achieved key breakthroughs in fuel cell design that have simplified the complexity of these systems and significantly improved performance and reliability.


Infinity Fuel is primarily focused on the aerospace and defense markets, providing technology to Unmanned Aerial Vehicles, Autonomous Underwater Vehicles, and Space programs. As a key manufacturer for NASA and military applications, cybersecurity compliance is of paramount importance.

  • Challenge

    Evolving Cybersecurity Landscape


    The defense industry and commercial businesses are increasingly concerned about cybersecurity. In most cases, to qualify as a contractor for government contracts, adherence to established cybersecurity standards is a requirement.


    Given the amount of work Infinity Fuel conducts with NASA and the federal government, the company was obligated to conform to cybersecurity requirements. To help them fulfill their cyber compliance, Infinity partnered with CONNSTEP, the Manufacturer Extension Partnership (MEP) representative in Connecticut.

  • Solution

    Initiating the Compliance Process


    As a government contractor, Infinity Fuel Cell and Hydrogen must comply with Defense Federal Acquisition Regulation Supplement (DFARS) requirements that all companies doing business with the U.S. Department of Defense (DoD) safeguard sensitive defense-related data and report cybersecurity incidents. Adequate security includes implementing the requirements of National Institute of Standards and Technology (NIST) Special Publication (SP) 800-171.


    Infinity needed to complete a system assessment, implement new policies, conduct staff training, and strengthen their Information Technology (IT) hardware and software configurations.


    In order to improve the safeguards of defense-related data, CONNSTEP collaborated with Infinity Fuel to:

    • Perform a gap analysis to NIST SP 800-171 requirements
    • Create a Plan of Action (POA)
    • Customize policies and procedures
    • Define milestones in the POA
    • Create a System Security Plan (SSP)
    • Create an Incident Response Plan (IRP)
    • Train employees on new policies and procedures

    Infinity’s implementation of NIST SP 800-171 controls is a key step towards the development of a sustainable Cybersecurity Maturity Model Certification (CMMC) program.

  • Result

    Compliance with DoD cybersecurity measures was well-documented by Infinity management with guidance and assistance by CONNSTEP.


    Specifically, CONNSTEP conducted an assessment of Infinity’s understanding of the DFARS and NIST SP 800-171 requirements. The effectiveness of security controls was evaluated and any gaps in the performance of these controls were identified as they related to NIST SP 800-171 and delivered in a report.


    With findings from the gap analysis report, a Plan of Action was created with risk prioritization. It included policies and procedures structured to help Infinity achieve compliance with DFARS 252.204-7012 and NIST SP 800-171 cybersecurity protocols and requirements.


    The Infinity Fuel team and their IT resources worked with CONNSTEP on an SSP and IRP for the company. Infinity’s System Security Plan contains their:


    • Cybersecurity assessments
    • Network and interconnection diagrams
    • Plan of Action information
    • Policies and procedures for NIST SP 800-171 compliance

    The Incident Response Plan developed by the Infinity team prescribes timely and protective procedures for employees to handle cyber incidents at the company and their IT network, necessary to be compliant with NIST SP 800-171.


    Infinity Fuel management has taken the necessary steps and followed the processes required to achieve compliance in good standing as a contractor for federal government programs.


    Next Steps

    Infinity management will train their employees on policies and procedures to ensure cybersecurity compliance at all levels of the company.


    In addition, CONNSTEP will assist Infinity Fuel in development of a sustainable CMMC program, building on their implementation of NIST SP 800-171 controls. The program provides assurance to the DoD that Infinity has the ability to meet cybersecurity requirements and manage information risk.

< Older Post

 Newer Post >
Penn Globe logo over a room with people, possibly a conference.

Penn Globe: Lighting the Way to Growth with Employee Training

February 11, 2026
Learn how Penn Globe partnered with CONNSTEP to invest in employee training, strengthen skills, and support business growth and competitiveness.
Logo of Specialty Cable Corporation (SCC) in a warehouse setting.

Specialty Cable Manufacturer’s Commitment to Quality Earns AS9100 Recertification

February 10, 2026
See how Specialty Cable Manufacturers partnered with CONNSTEP to strengthen quality systems and successfully achieve AS9100 recertification.
People in a factory setting, with the Forum Contract Manufacturing logo in the foreground.

Building from Within: Forum Plastics’ Investment in Supervisory Training

February 9, 2026
Learn how Forum Plastics partnered with CONNSTEP to invest in supervisory training, strengthen leadership skills, and support long-term growth.
Logo of the letter

Printing Company Drives Environmental Sustainability Through Efficiency

February 8, 2026
See how a Connecticut printing company partnered with CONNSTEP to improve efficiency, reduce waste, and advance environmental sustainability.
Beekley Medical logo with text

Commitment to World-Class Service Leads to Successful Recertification for Medical Products Manufacturer

February 7, 2026
Learn how a medical products manufacturer partnered with CONNSTEP to strengthen quality systems and achieve successful recertification.
Pursuit Aerospace logo over a blurred medical equipment background. The logo is white text on a black rectangular box.

Internal Quality Audit Puts Aerospace Manufacturer Back on Track to Compliance

February 6, 2026
See how an aerospace manufacturer partnered with CONNSTEP to conduct an internal quality audit and get back on track to compliance.