Raymond Quist and Robert Burns were working for a large manufacturer in New Hampshire who did business with the U.S. Department of Defense. Together they saw a need for more sophisticated electronic support test equipment that enables a “Go/No-Go” decision on military aircraft. That gave them the opportunity to leave the defense contractor in 1979 to start Tech Resources, Inc.
Today Tech Resources, Inc, is based in Milford, New Hampshire, and for over 40 years has provided sophisticated electronic test equipment and technical logistic services to the United States Airforce, the United States Navy and Foreign Military branches. The company employs 50 people.
"All our work is for the DOD,” said Gary Andrews, President of Tech Resources, Inc. “So when we heard that the DOD’s NIST 800-171 cybersecurity requirements would be flowing down to their contractors in the near future, we wanted to get ahead of it in order to meet those requirements and not have any interruptions in our business with them.”
Tech Resources, Inc., leadership tried to create their own System Security Plan (SSP) but soon found many areas that needed shoring up. For help, their IT Manager attended a NH MEP NIST 800-171 Cybersecurity for Manufacturers information session. NH MEP, part of the MEP National Network™, could help.
Tech Resources, Inc. developed a great partnership with NH MEP and their dedication to our success is very much evident at our firm. I appreciate their wiliness to learn our business and to make a positive impact by helping us bring our new cybersecurity plan up to code.
Tech Resources, Inc., began working with NH MEP and its 3rd-party service provider Mainstay Technologies to take Tech Resources, Inc. through the requirements of NIST 800-171 by performing a gap analysis and, using those findings, performing the second phase of the project-- policy, procedures, and program design.
For the gap analysis the Mainstay information security team conducted an assessment and identified compliance, noncompliance, or partial compliance with each of the 110 components required of NIST 800-171. Mainstay provided a compliance report, along with in-person and over the phone consultations about the findings. This included consultation on a plan of action and milestones creation (POAM).
For Phase 2, the Mainstay information security team created the appropriate "Corporate Information Security Policies, Procedures, Strategies and Plans for Tech Resources, Inc." that aligned with NIST 800-171. Mainstay also made cost-effective, NIST 800-171 compliant technical mitigation recommendations.