Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Compliance With NIST 800-171 Cybersecurity Ensures Growth for JMK, Inc.

About

Jim Kennedy started JMK, Inc.  in 1975. Its only employee in a 1,200-square-foot facility located in Amherst, New Hampshire, Jim established JMK, Inc. to design, manufacture and distribute commercial EMI/RFI powerline filters and associated devices. JMK has since grown to two manufacturing facilities and two engineering departments with 11 employees in Amherst, NH, and 65 employees in Mexico. JMK has grown to include manufacturing all forms of EMI and RFI suppression devices for commercial, military and medical applications.

The Challenge

“We have a number of military customers but at the time they were not yet pushing NIST 800-171 cybersecurity compliance to their suppliers,” said Jim Kennedy, President of JMK, Inc. “It was our IT company who had the foresight to see what was coming from the military and they advocated for compliance.”

Around the same time JMK had a network security breach by a foreign entity. Fortunately, they were prepared, and no data was lost or compromised. “This fired up our IT people to say to us you really need to be more secure,” said Kennedy.

Kennedy received the marketing emails NH MEP, part of the MEP National Network™, sends to their clients about their upcoming training programs and services to help manufacturers and realized NH MEP could help with NIST 800-171 compliance.

NH MEP helped us understand the NIST 800-171 requirements and made it possible for us to move forward with training, installation of hardware, and develop procedures to enhance the security of our IT systems. The security of Confidential Unclassified Information (CUI) from our customers was the trigger that got us started. We now are well on our way to achieving the security our customers require and also the security JMK needs to withstand the continual assault on our IT network by the 'bad actors' of the world.

— Jim Kennedy, President

MEP's Role

Jim reached out to NH MEP and, with the support of its 3rd-party service provider Mainstay Technologies, NH MEP helped JMK plan to reach NIST 800-171 compliance. Mainstay would take them through the requirements of NIST 800-171 Phase 1 - GAP Analysis.

For the Phase 1 - GAP Analysis the Mainstay Information Security team worked with JMK to perform an assessment and identify compliance, noncompliance, or partial compliance with each of the 110 components required of NIST 800-171. Mainstay provided JMK a compliance report, along with in-person and over the phone consultations about the findings. This included consultation on a Plan of Action and Milestones Creation (POAM).
Created July 12, 2022