RESTON, Va.—September 16, 2020—CyberSheath Services International today launched its Managed Services for the Cybersecurity Maturity Model Certification (CMMC) to ensure compliance with the new cybersecurity standards for commercial contractors of the United States government. The managed services include a Shared Security Compliance Framework to guarantee compliance for both DFARS Clause 252.204-7012 / NIST SP 800-171 and evolving CMMC requirements.
Using a Microsoft-focused technology stack including Azure Government Blueprints, Microsoft 365 Government (GCC High), and the full strength of the vast Department of Defense (DOD)-approved Microsoft security portfolio, CyberSheath’s CMMC Managed Services future-proofs clients against CMMC policy changes and new implementation requirements.
The U.S. Department of Defense (DOD) established the CMMC as a new security measure to protect Controlled Unclassified Information (CUI), Federal Contract Information (FCI), and other sensitive data residing on systems and networks owned by defense contractors. The DOD requires all of its contractors and suppliers to comply with the new CMMC standards at a given level and undergo a certification process based on review by an accredited third-party assessment organization prior to contract award.
CyberSheath uses a proven AIM™ (Assess – Implement – Manage) methodology to meet defense contractors where they are and bring them up to standard for existing regulatory requirements and the proper CMMC level. CyberSheath offers five CMMC levels of assured compliance, ranging from premise-based technology companies to cloud-driven FedRAMP High environments. Leveraging AIM™ to identify gaps against CMMC requirements, CyberSheath quickly implements any needed changes and revises architectures to maintain desired levels of CMMC compliance.
CyberSheath takes ownership of CMMC compliance, leveraging a Shared Responsibility Model, a concept uniquely adapted from cloud providers and applied to CMMC Managed Services. This management framework dictates the security obligations of a CMMC compliance environment and its users to ensure accountability and define where and how security measures should be applied, with a special focus on CUI and other sensitive government data. The result is a self-reinforcing model that reduces the burden on government contractors and ensures compliance.
“Any defense contractor that fails to comply with the CMMC will not be doing business with DOD moving forward. Our managed services are built for the many defense contractors, both Primes and Subs, who still don’t fully understand the CMMC requirements and don’t want to be left out of DOD contracts,” said Eric Noonan, Founder and CEO of CyberSheath Services International. “Frankly, CMMC might be new, but we have been delivering audit-ready, compliance-focused managed services for more than five years in response to the NIST 800-171 requirements. When I launched CyberSheath nearly a decade ago, it was to solve this very problem for Defense Industrial Base companies, and CMMC is simply the next evolution in what has been a nearly thirteen-year journey with the DOD.”
Mandana Javaheri, Global Director, Security Partner Development at Microsoft said, “The Microsoft technology behind CyberSheath’s managed services is designed to meet the unique and evolving requirements of the U.S. Department of Defense. With its technology stack aligned with its mission, CyberSheath is better able to ensure its clients’ security and compliance.”
About CyberSheath Services International, LLC
Established in 2008, CyberSheath is one of the most experienced and trusted IT security services partners for the U.S. defense industrial base. From CMMC compliance to strategic security planning to managed security services, CyberSheath offers a comprehensive suite of offerings tailored to clients’ information security and regulatory compliance needs. Learn more at www.cybersheath.com.