Skip to main content
U.S. flag

An official website of the United States government

Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock ( ) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Leading the Way for CMMC Compliance

With the help of: FloridaMakes

About

Certified Manufacturing Inc. (CMI) is a woman-owned small business specializing in the manufacture and test of cables and wire harnesses, circuit cards, electro-mechanical, and parts procurement and kitting services. They are AS9100 certified and provide turn-key fabrication to demanding aerospace specifications. CMI has provided top quality parts to DOD, NASA and aerospace clients for over 20 years.

The Challenge

Like most small businesses, CMI does not have a full time IT staff. Management knew that to continue to bid on and win Department of Defense (DOD) contracts, they must meet DOD Cybersecurity requirements spelled out in NIST 800-171 and prepare themselves for the upcoming Cybersecurity Maturity Model Certification (CMMC). CMI management knew they lacked the inhouse cybersecurity experience and turned to the Northwest Florida Manufacturers Council, part of the FloridaMakes network and the MEP National Network™, for guidance.

As with many business initiatives, a significant (and maybe the most significant) part of the relationship is the support after the major effort has been successfully completed. Mr. Krug continues to provide guidance on our cybersecurity initiative(s) but also on related initiatives and where and how to obtain grant funding.

 

Thank you FloridaMakes and Mr. Daniel Krug for working with Certified Manufacturing Inc. and making the single most significant difference in our business’s history!

— Pamela Bechtold and Robert Bechtold, President and VP, Chief Operations Officer

MEP's Role

A FloridaMakes business advisor worked with and nominated CMI to be part of a DOD and NIST MEP pilot program to assist manufacturers in the defense industrial base meet the stringent cybersecurity requirements. After a nationwide search, CMI was chosen as one of eleven manufacturers to receive a grant to aid in NIST 800-171 assessment and address the state of their current cybersecurity compliance. The business advisor and CMI interviewed multiple FloridaMakes-vetted cybersecurity third party providers and chose a provider that fit the company’s needs.  

 

After receiving their assessment, CMI discovered much work was needed and continued working with the third party provider to implement a full networking equipment upgrade, security control implementations, as well as assistance with creating company policies and procedures, and employee cybersecurity awareness training. With the assistance of the third party provider, CMI was able to meet all current contractual requirements and is poised towards meeting the new CMMC requirements, all within a tight 90-day timeframe. CMI is proud to say they are CMMC Level 3 compliant and eagerly await the opportunity for their CMMC certification audit.

Created January 27, 2021