products:

Sorry,

there are no posts to show...


Helpful Resources

News:

CMMC CompanionRESTON, Va.—November 24, 2020—CyberSheath Services International has published the 2020 / 2021 CMMC Companion guide to help defense contractors navigate and comply with new rules from the Department of Defense (DoD) to secure the Defense Industrial Base from cyberthreats. This new resource for defense contractors provides a clear, concise primer that summarizes the CMMC, discusses why the rule has been created, and proposes useful tips for its mandatory implementation.

“The defense industry has been clamoring for help as new rules emerge and the risk of losing out on defense contracts and revenue becomes more real,” says Eric Noonan, CEO of CyberSheath. “CyberSheath has been supporting compliance initiatives for defense contractors and other companies since 2012, and they’ve channeled that experience into this new resource. Anyone dealing with CMMC will gain enormous benefits in terms of understanding the history, terminology, approach, and future direction.”

Though the industry has been charged with meeting stringent requirements for years, recent updates with real deadlines have created urgency and angst among prime and subprime contractors. Not only are the prime contractors ensuring their own compliance, but they are also putting pressure on their suppliers to verify compliance. If defense contractors do not comply, they risk the security of the supply chain, national security, the ability to secure DoD contracts, and, thus, their revenue.

New rules under the recent DFARS interim law rule, coupled with requests from prime contractor demands mean suppliers must confirm their NIST 800-171 Assessment Score, provide a Plan of Action and Milestones (POAM) estimated completion date (ECD) for any unimplemented requirements, their status and ECD for an additional 20 CMMC practices, and their status and ECD for the CMMC Level 2 and 3 maturity processes. On top of that, suppliers have to provide updates on their progress until all practices and progress are implemented, as well as their “estimated date for closure of all NIST SP 800-171 POAM items, and the expected closure date for the additional controls.”

The new CMMC Companion guide comes on the heels of the first-ever CMMC Con, a virtual gathering hosted by CyberSheath attended by some 1,000 CMMC partners, including government stakeholders, services providers, and contractors.

For more information or details, please contact info@cybersheath.com.

 

About CyberSheath Services International, LLC
Established in 2008, CyberSheath is one of the most experienced and trusted IT security services partners for the U.S. defense industrial base. From CMMC compliance to strategic security planning to managed security services, CyberSheath offers a comprehensive suite of offerings tailored to clients’ information security and regulatory compliance needs. Learn more at www.cybersheath.com.

CIO-Review-Award
RESTON, Va.—November 11, 2020—CyberSheath Services International has been awarded two CIO Review recognitions, including the “Most Promising CyberSecurity Consulting & Service for 2020” and “Most Outstanding CMMC MSSP for 2020.”

CIO Review produces an annual list of providers that are at the forefront of providing consulting, services, compliance, and risk solutions to enterprises worldwide. The goal of these awards is to spotlight companies with a proven track record in effectively delivering high-

caliber managed technology and compliance solutions, while enabling decision-makers to stay well-informed on industry trends through research and evaluation of the vendor marketplace.

“Amid the continually changing regulations on the U.S. Defense Industrial Base, we help our clients achieve compliance quickly and cost-effectively while optimizing their operations,” said CyberSheath’s CEO and Founder Eric Noonan. “CyberSheath is honored to receive these awards and to be recognized as a leader in our market. And we’re grateful to CIO Review for enabling industry participants to make informed, evidence-based decisions when choosing the technology that is so integral to their business.”

CyberSheath, as a trusted third-party managed service provider, simplifies compliance for its clients in three stages: assess, implement, manage — AIM™. After the initial assessment, CyberSheath understands the client’s compliance requirements and breaks down the reasons behind their noncompliance before moving to implementation. CyberSheath follows a shared responsibility model, owning the gaps and fixing them.

To help stakeholders in the DIB better understand the shifting future of cybersecurity compliance, CyberSheath is holding CMMC Con 2020 on November 18, 2020. Featuring keynote speakers, breakout sessions, a panel discussion with DIB CEOs, and more, the event will bring contractors up to speed on the threats they face, changes to cybersecurity compliance law, and immediate steps they can take toward security and compliance. Registration is now open.

To learn more about CyberSheath and its industry-leading compliance managed services platform, visit Cybersheath.com.

About CyberSheath Services International, LLC

Established in 2008, CyberSheath is one of the most experienced and trusted IT security services partners for the U.S. defense industrial base. From CMMC compliance to strategic security planning to managed security services, CyberSheath offers a comprehensive suite of offerings tailored to clients’ information security and regulatory compliance needs. Learn more at www.cybersheath.com.

 

Press Contact:

Kristen Morales

Kristen.Morales@cybersheath.com

RESTON, Va.—October 29, 2020—CyberSheath Services International today announced that it has been selected to join the Microsoft Intelligent Security Association (MISA) as one of the association’s first CMMC-focused managed security service providers.

“MISA members are cybersecurity industry leaders,” said Eric Noonan, CEO at CyberSheath. “They’re unified by the common goal of helping secure our customers by offering unique and valuable customized expertise and making the association more effective as it becomes more diverse.”

CyberSheath has extensive Microsoft expertise, including professional and managed security services for a wide array of U.S. defense contractors, and was nominated for MISA for their managed security service offerings for Azure Sentinel and Microsoft Defender for Endpoint. CyberSheath uses a Microsoft technology stack fueled by Microsoft Azure Sentinel, the cloud-native Security Information and Event Management (SIEM) solution that quickly identifies security threats across hybrid enterprises.

MISA began as an ecosystem of independent software vendors (ISVs) that integrated their security products with Microsoft’s to better defend against a world of increasing threats. Due to increased demand for a closely interwoven security ecosystem, the association is growing and launching an invitation-only pilot program for select managed security service providers.

MISA plays a vital role in reducing the cost and complexity of integrating disparate security tools. Adding managed security service providers promises to increase the ecosystem’s value even more by offering an extra layer of threat protection without requiring day-to-day involvement of in-house security teams,” said Andy Shooman, COO at CyberSheath. “It’s another important step in both strengthening and simplifying security at a time when risk mitigation is one of IT’s highest priorities.”

“The Microsoft Intelligent Security Association has grown into a vibrant ecosystem comprised of the most reliable and trusted security software vendors across the globe,” said Rani Lofstrom, Senior Product Marketing Manager, Microsoft Security. “Our members, like CyberSheath, share Microsoft’s commitment to collaboration within the cybersecurity community to improve our customers’ ability to predict, detect, and respond to security threats faster.”

About CyberSheath Services International, LLC

Established in 2008, CyberSheath is one of the most experienced and trusted IT security services partners for the U.S. defense industrial base. From CMMC compliance to strategic security planning to managed security services, CyberSheath offers a comprehensive suite of offerings tailored to clients’ information security and regulatory compliance needs. Learn more at www.cybersheath.com.

 

 

Press Contact:

Kristen Morales

Kristen.Morales@cybersheath.com

RESTON, VA – October 21, 2020 – CMMC Con 2020 is a new one-day event designed to support stakeholders in the U.S. Defense Industrial Base (DIB) as they navigate the rapidly shifting future of cybersecurity compliance. The virtual conference, hosted by leading Managed CMMC Compliance provider CyberSheath, will provide actionable information on how defense contractors can achieve compliance with NIST 800-171 and CMMC and maintain revenue streams in the defense industry.  CMMC Con 2020 will be held on Wednesday, November 18, 2020 from 10 a.m. to 4 p.m. Registration is now open.

Small and medium-sized U.S. DIB contractors are facing increasing complexity and pressure to achieve compliance and demonstrate that they are meeting cybersecurity requirements. This one-day event will be the most focused and actionable virtual gathering for CMMC stakeholders, including government stakeholders, services providers, and contractors ever. CMMC Con 2020 will equip them with a better understanding of China’s role in the evolving threat landscape, the revisions to cybersecurity compliance law aimed at mitigating these threats, and how defense contractors can solve these challenges, including immediate steps they can take toward security and compliance.

The event will feature networking, keynote speakers, breakout sessions, and a panel discussion. Conversations will focus on DFARS compliance, the threat from China, how cybersecurity impacts the future of doing business with the DoD, and a “how to” session for small and medium-sized businesses struggling with NIST 800-171 and CMMC.

The conference will feature several keynote speakers, including:

  • Katie Arrington, Chief Information Security Officer for the Under Secretary of Defense for Acquisition and Sustainment, in a facilitated question-and-answer session
  • Robert Spalding, retired Brigadier General, USAF, speaking on the threat from China
  • Richard Wakeman, Senior Director – Aerospace & Defense – Microsoft Azure Global, offering an overview of what Microsoft is doing to assist the DIB in government compliance
  • A panel discussion with current DIB CEOs on how they are approaching these complex issues

“This will be the most important conference we’ve ever held, given the state of DIB cybersecurity and its impact on our national defense and overall global economic competitiveness,” said Eric Noonan, the CEO Of CyberSheath. “We’ve designed this event to give defense contractors a better understanding of the threat from nation states that made the CMMC necessary, and most importantly, the specific steps they need to take to be eligible for future DoD contracts. Attendees will leave this event clear eyed around the why, what, and how of CMMC.”

At the end of this groundbreaking event, all attendees will be well-versed on the threat landscape, new rule changes, requirements and ramifications imposed on the DIB, and how to move forward in the changed world of DoD acquisition. Registered attendees will also receive a complimentary e-book described as “the Rosetta Stone” of CMMC compliance.

Register Now

RESTON, Va.—September 16, 2020—CyberSheath Services International today launched its Managed Services for the Cybersecurity Maturity Model Certification (CMMC) to ensure compliance with the new cybersecurity standards for commercial contractors of the United States government. The managed services include a Shared Security Compliance Framework to guarantee compliance for both DFARS Clause 252.204-7012 / NIST SP 800-171 and evolving CMMC requirements.

Using a Microsoft-focused technology stack including Azure Government Blueprints, Microsoft 365 Government (GCC High), and the full strength of the vast Department of Defense (DoD)-approved Microsoft security portfolio, CyberSheath’s CMMC Managed Services future-proofs clients against CMMC policy changes and new implementation requirements.

The U.S. Department of Defense (DoD) established the CMMC as a new security measure to protect Controlled Unclassified Information (CUI), Federal Contract Information (FCI), and other sensitive data residing on systems and networks owned by defense contractors. The DoD requires all of its contractors and suppliers to comply with the new CMMC standards at a given level and undergo a certification process based on review by an accredited third-party assessment organization prior to contract award.

CyberSheath uses a proven AIM™ (Assess – Implement – Manage) methodology to meet defense contractors where they are and bring them up to standard for existing regulatory requirements and the proper CMMC level. CyberSheath offers five CMMC levels of assured compliance, ranging from premise-based technology companies to cloud-driven FedRAMP High environments. Leveraging AIM™ to identify gaps against CMMC requirements, CyberSheath quickly implements any needed changes and revises architectures to maintain desired levels of CMMC compliance.

CyberSheath takes ownership of CMMC compliance, leveraging a Shared Responsibility Model, a concept uniquely adapted from cloud providers and applied to CMMC Managed Services. This management framework dictates the security obligations of a CMMC compliance environment and its users to ensure accountability and define where and how security measures should be applied, with a special focus on CUI and other sensitive government data. The result is a self-reinforcing model that reduces the burden on government contractors and ensures compliance.

“Any defense contractor that fails to comply with the CMMC will not be doing business with DoD moving forward. Our managed services are built for the many defense contractors, both Primes and Subs, who still don’t fully understand the CMMC requirements and don’t want to be left out of DoD contracts,” said Eric Noonan, Founder and CEO of CyberSheath Services International. “Frankly, CMMC might be new, but we have been delivering audit-ready, compliance-focused managed services for more than five years in response to the NIST 800-171 requirements. When I launched CyberSheath nearly a decade ago, it was to solve this very problem for Defense Industrial Base companies, and CMMC is simply the next evolution in what has been a nearly thirteen-year journey with the DoD.”

Mandana Javaheri, Global Director, Security Partner Development at Microsoft said, “The Microsoft technology behind CyberSheath’s managed services is designed to meet the unique and evolving requirements of the U.S. Department of Defense. With its technology stack aligned with its mission, CyberSheath is better able to ensure its clients’ security and compliance.”

About CyberSheath Services International, LLC

Established in 2008, CyberSheath is one of the most experienced and trusted IT security services partners for the U.S. defense industrial base. From CMMC compliance to strategic security planning to managed security services, CyberSheath offers a comprehensive suite of offerings tailored to clients’ information security and regulatory compliance needs. Learn more at www.cybersheath.com.

 

Press Contact:

Kristen Morales

Kristen.Morales@cybersheath.com

 

###

CyberSheath, a proud title sponsor, would like to invite you to join us at the virtual Cybersecurity Forum 2020 on September 16 – 17.  Check out our virtual booth to learn about our trailblazing CMMC Managed Service release and how CyberSheath can help prepare your organization for CMMC preparation.

Cyberattacks and data breaches are on the rise. They affect individuals, companies, and are a serious national security threat to our country. Whether you are seeking a “best practices” approach to providing cybersecurity or will be required to meet the new federally mandated standards, the Cybersecurity Maturity Model Certification Program (CMMC), this series of educational offerings provides a current model for responding to real cybersecurity risks.

There will be an outstanding line-up of speakers and panelists, such as Katie Arrington and U.S. Senator Marco Rubio, that will provide attendees with vital information on the steps needed to protect your business and comply with the Department of Defense’s unified standard for cybersecurity.

Register Now.

Take sneak peak of our featured booth video that discusses the CyberSheath’s approach to CMMC readiness.

RSA-Charge-N&E-Image

CyberSheath, a Veteran-Owned Small Business, is a proud Gold Sponsor of RSA Charge 2015, an exclusive user event that brings together and harnesses the innovative power of RSA customers, partners, practitioners and employees. We eagerly await the gathering of industry thought-leaders, experts, and security professionals, where together we can Recharge, Retool, and Reignite the security world.

RSA Charge 2015  |  October 21st to October 23rd

CYBERSHEATH EVENT DETAILS

 

Location-Icon-Small   WHERE WILL WE BE?


CyberSheath will be located at booth G5, be sure to stop by!

* The floor plan highlights the CyberSheath booth location as you will enter the RSA conference, as well as the location of the second stage where we will be presenting on Wednesday, October 21st 12:30PM – 12:45PM – remember to drop by after lunch!

RSA-Charge-FloorPlan-Image

Speaker-Icon-Small    WHEN ARE WE SPEAKING?


Second Stage Presentation  |  Wednesday, October 21st 12:30PM – 12:45PM

Session   |  Thursday, October 22nd 11:15AM – 12:00PM – Room E256

Session Topic  |  Compliance as an Outcome of a Mature Security Program

Speakers  | Eric Noonan and Mark Walsh

Calendar-Icon-Small    WANT TO MEET WITH US?


RSA Charge is approaching fast and will be an exciting time, so make sure to mark your calendars with the sessions and presentations you don’t want to miss.  Be sure to check out the RSA Charge agenda to get the most out of your experience! http://charge.rsa.com/agenda

 

Connect with CyberSheath on social media to get updates leading up to the event, as well as live tweets during the conference. We can’t wait to see you there!

Facebook-ImageTwitter-ImageLinkedIn-Image

 

 

cyberark CyberArk (NASDAQ: CYBR), the company that protects organizations from cyber attacks that have made their way inside the network perimeter, today announced that it has achieved Common Criteria EvaluationAssurance Level EAL 2+for its comprehensive CyberArk Privileged Account Security Solution.  The certification underscores CyberArk’s commitment to helping federal organizations and global enterprises secure privileged accounts – the “keys to the IT kingdom” – before cyber attackers can steal and exploit them to gain access to sensitive data and systems.

Read the full article here.

*Expired

Make regulatory compliance a natural outcome of effective security operations, do not miss this event! Come join us on February 5, 2015 at 6pm to 8pm* for an evening with CyberSheath CEO, Eric Noonan, to hear “the how” behind bringing geographically dispersed IT infrastructures into a single focus that produces actionable metrics.

 

By Ambili Sasidharan in CIO Review

eric_CIO_ReivewWith the recent cyber attacks at eBay, Paypal, Target, Sony Picture, and JP Morgan Chase, the cyber security seems to be losing in the game of whac-a-mole. The game has been a costly one for businesses that spend billions of dollars to address new threats every day. It’s getting increasingly difficult and costly to protect even the most basic technology from a growing throng of hacking tools. In an exclusive interview with CIO Review, Eric D. Noonan, CEO at CyberSheath discusses the current landscape of cyber security and CyberSheath’s methodology for delivering security services that provide demonstrable business value.

Read the full article here.

Expired*

If your company provides products or services to the Department of Defense, this is an important event. The DFARS final ruling was one year ago, mandating the protection of unclassified information. Join us to discuss what we have learned, what compliance means, and how it will affect your business moving forward. You’ll hear from Eric Noonan, the former CISO of BAE Systems and engage with peers over dinner.*

 

Measure, Manage, and Win – How a Global Enterprise insourced security in under 6 months.

Information security must become the responsibility of an entire business ecosystem in today’s highly interconnected environment. Too often in today’s business climate, the security functions are siloed which result in a lack of transparency, accountability and increased cost, all of which is making you less secure in the process. Security investments should enable business and support objectives. And like other investments, measured to ensure such alignment.

 

By Fahmida Rashid in SECURITY WEEK

Malware and attackers are increasingly targeting privileged accounts as part of multi-stage operations where they breach networks, gather information, and exfiltrate sensitive data, according to a recent report from security firm CyberSheath.

Theft, misuse, and exploitation of privileged accounts is a “key tactic” in each phase of advanced persistent threat and other targeted attack campaigns, CyberSheath wrote in its APT Privileged Account Exploitation report released Wednesday. CyberSheath’s “descriptive benchmark study” interviewed ten “leaders in the cyber community” heading security efforts at major U.S.-based corporations, along with former government executives.

Read the full article here.

CyberSheath Services International, LLC., the leader in delivering pragmatic, measurable security solutions, is pleased to announce that John Gannon, former Deputy Director for Intelligence (DDI) at CIA, has joined the company as a strategic advisor.

“John brings decades of expertise and strategic insights that our company and customers are fortunate to have behind them,” said Eric Noonan, chief executive officer at CyberSheath. “ His unique experience and understanding of cybersecurity as an issue of national security are unmatched.”

John Gannon, who retired in 2012 as President of BAE Systems’ Intelligence and Security Sector, has resumed teaching as an adjunct professor in the National Security Studies program at Georgetown University, where he taught previously for six years.

Mr. Gannon joined BAE in 2005 as the first Vice President for Global Analysis, a business area in BAE Systems’ Information Solutions line of business, supporting U.S. Government and corporate analysis. In 2010, he became President of the Intelligence and Security Sector, a $2 billion global business with 7,000 employees.

Prior to 2005, Mr. Gannon served in the most senior analytical positions at CIA and in the Intelligence Community, including Deputy Director for Intelligence (DDI) at CIA, Chairman of the National Intelligence Council and Assistant Director of Central Intelligence for Analysis and Production. He headed the White House team in the Department of Homeland Security Transition Planning office standing up the Information Analysis and Infrastructure Protection Directorate, and was the first Staff Director of the House of Representatives  Committee on Homeland Security.

Strategic Partnership Introduces Comprehensive Cyber Security and Compliance Solutions to Enterprise and Government Organizations

WALTHAM, MA–(Marketwire – Oct 16, 2012) – CounterTack, the industry’s first and only provider of in-progress cyber attack intelligence and response solutions, today announced a strategic partnership with CyberSheath Services International, a new company that bridges the gap between business and IT risk with innovative risk management solutions. Read more here.

CyberSheath Services International, LLC (CyberSheath) launched simultaneously in Shrewsbury, MA and Reston, VA this month with a mission of “Protecting Your Vital Assets” the company believes that there is a gap between most corporations’ security compliance efforts and any material impact on actually reducing threats to the company. “The companies we talk with tend to treat security compliance as a paperwork exercise done by auditors and threat detection and mitigation as the work done by the men and women on the security operations center floor. The two groups don’t talk to one another and seldom, if ever, does a company get the force multiplier effect that exists when compliance and defense efforts are integrated in a way that meets common objectives.” CyberSheath Chief Executive Officer Eric D. Noonan.

“We are here to change the game. We don’t sell silver bullets; rather, we teach companies to integrate resources they already have in a measurable way to reduce threats to their networks and data.”

FAQs:

Cybersheath Blog

3 Reasons Why You Need a Privileged Access Risk Assessment

A privileged account is one used by administrators to log in to servers, networks, firewalls, databases, applications, cloud services and other systems used by your organization. These accounts give enhanced permissions that allow the privileged user to access sensitive data or modify key system functions, among other things. You can…

Incident Response – Learning the Lesson of Lessons Learned

“Those who do not learn from history are condemned to repeat it.” Over the years, variations of this famous quote have been spoken by everyone from philosophers to world leaders. The message — that we must learn from our mistakes or continue to repeat them — is also highly relevant…

What is DFARS 252.204-7012 and NIST SP 800-171?

With the Department of Defense (DoD) promising the release of an update to NIST Special Publication 800-171, it is imperative defense contractors understand what DFARS 252.204-7012 and NIST SP 800-171 Clause is and how noncompliance with the Clause will impact their business.  Compliance is mandatory for contractors doing business with…

Our Trusted Partners

Cyberark McAfee Thycotic RSA Tenable Alien Vault Alert Logic Microsoft