CyberSheath Launches CMMC Managed Services for Defense Contractors using Microsoft Technology Stack

By Kristen Morales • September 16, 2020

RESTON, Va.—September 16, 2020—CyberSheath Services International today launched its Managed Services for the Cybersecurity Maturity Model Certification (CMMC) to ensure compliance with the new cybersecurity standards for commercial contractors of the United States government. The managed services include a Shared Security Compliance Framework to guarantee compliance for both DFARS Clause 252.204-7012 / NIST SP 800-171 and evolving CMMC requirements.

Using a Microsoft-focused technology stack including Azure Government Blueprints, Microsoft 365 Government (GCC High), and the full strength of the vast Department of Defense (DoD)-approved Microsoft security portfolio, CyberSheath’s CMMC Managed Services future-proofs clients against CMMC policy changes and new implementation requirements.

The U.S. Department of Defense (DoD) established the CMMC as a new security measure to protect Controlled Unclassified Information (CUI), Federal Contract Information (FCI), and other sensitive data residing on systems and networks owned by defense contractors. The DoD requires all of its contractors and suppliers to comply with the new CMMC standards at a given level and undergo a certification process based on review by an accredited third-party assessment organization prior to contract award.

CyberSheath uses a proven AIM™ (Assess – Implement – Manage) methodology to meet defense contractors where they are and bring them up to standard for existing regulatory requirements and the proper CMMC level. CyberSheath offers five CMMC levels of assured compliance, ranging from premise-based technology companies to cloud-driven FedRAMP High environments. Leveraging AIM™ to identify gaps against CMMC requirements, CyberSheath quickly implements any needed changes and revises architectures to maintain desired levels of CMMC compliance.

CyberSheath takes ownership of CMMC compliance, leveraging a Shared Responsibility Model, a concept uniquely adapted from cloud providers and applied to CMMC Managed Services. This management framework dictates the security obligations of a CMMC compliance environment and its users to ensure accountability and define where and how security measures should be applied, with a special focus on CUI and other sensitive government data. The result is a self-reinforcing model that reduces the burden on government contractors and ensures compliance.

“Any defense contractor that fails to comply with the CMMC will not be doing business with DoD moving forward. Our managed services are built for the many defense contractors, both Primes and Subs, who still don’t fully understand the CMMC requirements and don’t want to be left out of DoD contracts,” said Eric Noonan, Founder and CEO of CyberSheath Services International. “Frankly, CMMC might be new, but we have been delivering audit-ready, compliance-focused managed services for more than five years in response to the NIST 800-171 requirements. When I launched CyberSheath nearly a decade ago, it was to solve this very problem for Defense Industrial Base companies, and CMMC is simply the next evolution in what has been a nearly thirteen-year journey with the DoD.”

Mandana Javaheri, Global Director, Security Partner Development at Microsoft said, “The Microsoft technology behind CyberSheath’s managed services is designed to meet the unique and evolving requirements of the U.S. Department of Defense. With its technology stack aligned with its mission, CyberSheath is better able to ensure its clients’ security and compliance.”

About CyberSheath Services International, LLC

Established in 2008, CyberSheath is one of the most experienced and trusted IT security services partners for the U.S. defense industrial base. From CMMC compliance to strategic security planning to managed security services, CyberSheath offers a comprehensive suite of offerings tailored to clients’ information security and regulatory compliance needs. Learn more at www.cybersheath.com.

 

Press Contact:

Kristen Morales

Kristen.Morales@cybersheath.com

 

###

Cybersheath Blog

3 Reasons Why You Need a Privileged Access Risk Assessment

A privileged account is one used by administrators to log in to servers, networks, firewalls, databases, applications, cloud services and other systems used by your organization. These accounts give enhanced permissions that allow the privileged user to access sensitive data or modify key system functions, among other things. You can…

Incident Response – Learning the Lesson of Lessons Learned

“Those who do not learn from history are condemned to repeat it.” Over the years, variations of this famous quote have been spoken by everyone from philosophers to world leaders. The message — that we must learn from our mistakes or continue to repeat them — is also highly relevant…

What is DFARS 252.204-7012 and NIST SP 800-171?

With the Department of Defense (DoD) promising the release of an update to NIST Special Publication 800-171, it is imperative defense contractors understand what DFARS 252.204-7012 and NIST SP 800-171 Clause is and how noncompliance with the Clause will impact their business.  Compliance is mandatory for contractors doing business with…

Our Trusted Partners

Cyberark McAfee Thycotic RSA Tenable Alien Vault Alert Logic Microsoft

CyberSheath introduces our CMMC Compliance Managed Service offering. Ready your organization for CMMC today!