Ecliptic Continues Their Path Toward Continued Growth....

If you have watched a Delta rocket launch, you have seen Ecliptic Enterprises Corporation (Ecliptic) video systems in action. Ecliptic was founded in 2001 as a manufacturer of video and imaging systems for use on rockets and spacecraft. Since then, they have expanded their product offerings to include the production of space avionics and sensor systems to control experiments onboard rockets, orbital spacecraft (satellites) and the International Space Station. From inception, Ecliptic products have been used on over 150 launches with a 100% success rate. Ecliptic’s RocketCamTM video systems are the leading brand used in U.S. commercial, military and  civil space missions. Ecliptic has built a reputation for producing products which perform numerous functions in a reliable and cost-effective manner.

The Department of Defense regulations (DFARS 252.204-7012) requires all contractors to adhere to the 110 controls contained in the NIST SP800-171 rev1. Failure to meet with these cybersecurity requirements may mean the loss of Department of Defense contracts. As Ecliptic is the world’s leading supplier of rugged video systems for use on rockets, spacecraft and in other extreme environments, and Ecliptic video systems and avionics are typically involved in a launch or space mission every 4 to 8 weeks, maintaining DFARS compliance is vital to Ecliptic's business.

CMTC, part of the MEP National Network™, met with Ecliptic’s senior staff in April, 2018 with a plan to progress towards implementation and compliance with DFARS 252.204-7012. CMTC provided expertise and guidance to develop cybersecurity plans training, documentation, policies and procedures. Initially, a baseline analysis consisting of an on-site assessment of the information system ecosystem was performed to determine the current level of DFARS compliance. CMTC provided guidance to Ecliptic on a set of four deliverables to provide a path toward continued growth. These deliverables are: initiate the fulfillment of the Self-Attestation Questions via the U.S Department of Homeland Security’s Cyber Security Evaluation Tool (CSET); develop a Systems Security Plan (SSP) documenting the controls that have been selected to mitigate risks to the system;  create a Plan of Actions & Milestones (POA&M) to assist Ecliptic in identifying, assessing, prioritizing and monitoring the progress of corrective efforts for security weaknesses found in programs and systems; define an Incident Reporting Plan, determining what constitutes a security incident and outlines the incident response phases. CMTC’s consulting and training helped establish the ability to respond within the 72 hour requirement.