Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Cybersecurity Compliance - Strengthening the DOD Supply Chain

With the help of: Maryland MEP


Founded in 2006, IR Tools protects the Military and Law Enforcement communities with premium IR (infrared) identifications products. IR Tools designs and manufactures custom IR tools. IR Tool’s facility located in Crofton, Maryland, employs 10 employees and is a key part of the DOD community within Maryland, providing the design and manufacturer of critical tools and components.

The Challenge

As a DOD contractor, IR Tools is required to comply with the DFARS clause and NIST 800-171 cybersecurity requirements. As a manufacturer and supplier, IR had invested in protecting their data and systems, however they had not completed the process of the required certifications and compliance issues for the DOD. To ensure compliance, the company reached out to Maryland MEP (MD MEP), part of the MEP National Network™, to participate and receive assistance through their Defense Cybersecurity Assistance Program (DCAP), designed to help manufacturers meet the requirements of DFARS and 800-171 and prepare for the requirements of CMMC cybersecurity certification.

To be honest, we were complete novices when it came to cybersecurity before working with the MEP program. Working with the program helped us understand the importance of cybersecurity to our business model and the security of the US military (our primary customer). The tools they put in our hands, consulting and leveraged dollars to make repairs, gave us the ability to put those ideas into practice.

— Tom Boyer, President

MEP's Role

Through the MD MEP’s DCAP program, the MD MEP team delivered a DFARS assessment for the client. MD MEP’s DFARS assessment included a plan of action and milestones (POAM), system security plan (SSP), and recommendations for mitigating cyber risks and gaps within the requirements. Based on the results of a cybersecurity/DFARS assessment, MD MEP worked with the client to begin to fulfill cybersecurity and contract requirements that were found to be incomplete or non-sufficient. IR Tools implemented the necessary changes to ensure compliance with the cybersecurity requirements, securing their government contracts, resulting in the retention of the workforce, retention of sales and the prospect of continued DoD contracts into the future. and retaining sales and jobs. The improvements made under MD MEP’s DCAP program also led to cost savings for the company enabling them to remain competitive and expand services as a supplier to the DOD.

Created May 1, 2021, Updated April 18, 2023