Certified Manufacturing Inc. (CMI) is a woman-owned small business specializing in the manufacture and test of cables and wire harnesses, circuit cards, electro-mechanical, and parts procurement and kitting services. They are AS9100 certified and provide turn-key fabrication to demanding aerospace specifications. CMI has provided top quality parts to DOD, NASA and aerospace clients for over 20 years.
Like most small businesses, CMI does not have a full time IT staff. Management knew that to continue to bid on and win Department of Defense (DOD) contracts, they must meet DOD Cybersecurity requirements spelled out in NIST 800-171 and prepare themselves for the upcoming Cybersecurity Maturity Model Certification (CMMC). CMI management knew they lacked the inhouse cybersecurity experience and turned to the Northwest Florida Manufacturers Council, part of the FloridaMakes network and the MEP National Network™, for guidance.
As with many business initiatives, a significant (and maybe the most significant) part of the relationship is the support after the major effort has been successfully completed. Mr. Krug continues to provide guidance on our cybersecurity initiative(s) but also on related initiatives and where and how to obtain grant funding.
Thank you FloridaMakes and Mr. Daniel Krug for working with Certified Manufacturing Inc. and making the single most significant difference in our business’s history!
A FloridaMakes business advisor worked with and nominated CMI to be part of a DOD and NIST MEP pilot program to assist manufacturers in the defense industrial base meet the stringent cybersecurity requirements. After a nationwide search, CMI was chosen as one of eleven manufacturers to receive a grant to aid in NIST 800-171 assessment and address the state of their current cybersecurity compliance. The business advisor and CMI interviewed multiple FloridaMakes-vetted cybersecurity third party providers and chose a provider that fit the company’s needs.
After receiving their assessment, CMI discovered much work was needed and continued working with the third party provider to implement a full networking equipment upgrade, security control implementations, as well as assistance with creating company policies and procedures, and employee cybersecurity awareness training. With the assistance of the third party provider, CMI was able to meet all current contractual requirements and is poised towards meeting the new CMMC requirements, all within a tight 90-day timeframe. CMI is proud to say they are CMMC Level 3 compliant and eagerly await the opportunity for their CMMC certification audit.