WMEP works with manufacturers every day to help companies analyze new and existing technology to develop a framework for SECURE business operations.
The Cybersecurity Standards
NIST Special Publication 800-171
All Department of Defense (DoD) contractors must meet the Defense Federal Acquisition Regulation Supplement (DFARS) minimum cybersecurity standards or risk losing federal contracts. If you’re like many businesses, you may not know what is expected or even how to get started. Not to worry. The WMEP has assembled a team of cybersecurity experts to determine if you are compliant with the requirements described in NIST Special Publication 800-171 and on the path to CMMC certification.
Cybersecurity Maturity Model Certification (CMMC)
ATTENTION DEPARTMENT OF DEFENSE, GSA AND NASA CONTRACTORS:
The new security framework, Cybersecurity Maturity Model Certification is coming. It will be required by October 2025. The new framework is built upon the NIST 800-171 standard but will require more controls and a third-party audit. This certification will be a requirement for all contracts that handle Federal Contract Information or Controlled Unclassified Information. WMEP can help you determine what level of certification you need and how to get there.
The WMEP’s experienced team has designed a comprehensive four-step cybersecurity program. We will help you gauge your current situation and tailor a plan specifically for your internal capabilities, budget and time sensitivity.
Here’s how it works:
Step 1: Discovery – the professional assessment of your company’s practices related to the new standard. If necessary, a gap analysis will be completed to document the scope to be remediated.
Step 2: Remediate to Meet New Standard – supports all necessary fixes to ensure compliance. This may include updates to firewalls, patches, policy development, employee training, physical security, network configuration, etc.
Step 3: Test and Validate – verifies that all technology and physical security aspects are working properly. A penetration test may be necessary.
Step 4: Monitoring/Reporting – establishes ongoing monitoring and scanning of the required enterprise network. Creates a working process to log, remediate and report (as required) cyberattacks.
Ask how WMEP Manufacturing Solutions can help.
Contact Cory Larson today at 608.558.8137 or email [email protected] to get started.
Consultant – Automation & Cybersecurity
Cory is a registered practitioner by the CMMC-AB (Cybersecurity Maturity Model Certification – Accreditation Board)
608.558.8137 | [email protected]
- CMMC (Cybersecurity Maturity Model Certification) Accreditation Body
- Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations
- NIST Special Publication 800-171 Revision 1
- NIST SP 800-171 Memorandum Explanation
- Safeguarding Covered Defense Information and Cyber Incident Reporting (U.S. Department of Defense)
- Defense Cybersecurity Requirements: What Small Businesses Need to Know (U.S. Department of Defense)
- Directive-Type Memorandum (DTM): Cybersecurity in the Defense Acquisition System (U.S. Dept. of Defense)
- Memorandum: Implementation of DFARS Clause 252.204-7012 (U.S. Department of Defense)
- NIST MEP Cybersecurity Self-assessment Handbook (Self-assessment): http://nvlpubs.nist.gov/nistpubs/hb/2017/NIST.HB.162.pdf (NIST.gov)
- Cybersecurity Glossary (thecyberwire.com)
Get to know Jim Sullivan, Director of Business Development
“The mission and the talent at the WMEP are at the core and helping Wisconsin manufacturers become the best in the world is something I know we can do.”
608.354.1346 [email protected]