Machesney Park Manufacturer Achieves Compliance Goals to Meet DOD Cybersecurity Requirements

IMEC introduced and facilitated a relationship between MAS and Alpine Security, a Cerberus Sentinel company, who would guide them through the cybersecurity compliance process. MAS started the journey to compliance in early March 2020, right before COVID-19 shook the world. Of course, there were challenges due to the pandemic, but with necessary adjustments and their commitment to quality and excellence, they pressed on.

After having to start and stop periodically, on October 26, 2020 Alpine Security presented MAS with a Letter of Attestation, which serves as an external tool to communicate proof that a security assessment was performed. They were then able to successfully submit their self-assessment score into the Supplier Performance Risk System (SPRS) on November 18, ahead of the November 31, 2020 deadline. This was the first step to verifying compliance, and once this goal was met, “it was a very rewarding experience” for Johnson and his team. He shares: “Alpine Security has since performed two vulnerability scans which indicated our security system is working. We still have ongoing remediation efforts required to achieve full compliance, but we are well on schedule toward this goal.”

It was a team effort, to say the least, for MAS to progress as successfully as they have. Johnson states that “because so much of the scope involved securing and controlling digital data and documents, we needed extensive involvement from our outside IT contractor. The project was managed and kept on target by Dean Harms and his IMEC team.”

Submitting their score to SPRS benefits MAS in several ways. Not only does it verify they are on the path to Cybersecurity Maturity Model Certification (CMMC) compliance, which builds off the NIST 800-171 requirements, it serves as an effective marketing tool to secure additional government contracts, and it gives MAS a competitive advantage over their competitors.