Cybersecurity Planning Toolkit

What it’s about:

• Cybersecurity Planning Toolkit offers free online training material and tools including interactive lessons, videos, and templates that you can start using immediately to assist in moving forward toward compliance.
• Microsoft Excel Workbook tracks your progress and serves as a gap assessment, planning and documentation tool for NIST 800-171 compliance.
• Separate worksheets address the security controls within each of the 14 families of NIST 800-171 requirements, with all 101 security requirements addressed in this tool.

How we help:

Each worksheet contains:

• The NIST 800-171 security requirement within that family with a checklist column to indicate whether or not you are in compliance.
• The NIST 800-53 method of control that applies to the security requirements.
• Implementation support for the security requirements.
• A documentation column for use in entering locations of supporting evidence of compliance, dates of compliance, or planned compliance initiatives in progress.

GET ACCESS TO TOOLKIT >

DFARS Compliance & NIST SP 800-171

What it’s about:

• Achieving Federal Acquisition Regulation (FAR) and Defense Federal Acquisition Regulation Supplement (DFARS) minimum cybersecurity standards.
• Requires prime defense contractors and their supply chain protect sensitive information, classified as Covered Defense information, to the requirements defined in NIST SP 800-171
• Will ultimately expand to all DoD procurement in future years, applying to both prime and subcontractors

How we help:

• We conduct an executive overview of the steps and processes required to achieve compliance over time and other related federal cyber regulations
• Work with you to ensure you will be compliant with the controls described in NIST Special Publication 800-171

Gap Analysis

What it’s about:

• Conducting an assessment that allows your organization to understand how compliant you are to the NIST SP 800-171 standard
• Determines what’s missing – the gaps – and what’s needed to ensure your cybersecurity compliance

How we help:

• We’ll evaluate your security controls and identify where gaps exist with respect to NIST SP 800-171 and which may be preventing you from being compliant
• We provide a report with all the steps required to bring your business within the NIST SP 800-171 standard and where to focus your efforts
• We develop recommendations for improvements in a Plan of Action with Milestones (POAM)

Cybersecurity Maturity Model Certification (CMMC)

What it’s about:

• The CMMC incorporates the requirements of NIST SP 800-171 and establishes a framework for defense contractors to become certified as cybersecurity compliant
• Represents a unified standard for implementing cybersecurity across the industrial base
• Contractor’s remain responsible for implementing critical cybersecurity requirements but also require third party assessments for certification

How we help:

• We assist you to verify that all technology and physical security aspects are working properly
• We work with you to establish a System Security Plan and Plan of Action with Milestones as a demonstration of your compliance

System Security and Incident Response Plans

What it’s about:

• A System Security Plan is based on a review of the current state of your system with input from your IT resources
• An Incident Response Plan details how to help detect, respond to, and recover from network security issues that may occur

How we help:

• We work with you to document policy and procedures designed to meet NIST SP 800-171 standards and train employees on them
• Collaborate to develop and implement system security plans for organizational information systems that describe the security requirements in place or planned for the systems
• Assist you in creating an approach to managing, containing, remediating, and preventing recurrence of a cybersecurity incident