AdobeStock_401504759.jpeg

Scroll Down

cybersleuth-spider-white-outline-07-e1568841904775-1024x104.png

01

What We Do

We help organizations build cybersecurity into their day-to-day practices, and comply with applicable cybersecurity regulations

We help contractors for the federal government meet NIST SP 800-171 and DFARS 202.254-7012 requirements

02

Why cybersecurity is Needed

The Internet was created for Department of Defense (DoD) and trusted partners, like universities and research institutions

At the time, it was inconceivable that in future everybody would use the Internet. Therefore, access controls weren’t built into the Internet

03

The Result

The Internet doesn’t check the identity or intent of people using it. Anyone can use The Internet
 
Cyber crime is pervasive, impacting: countries, government, counties, states, businesses, cities, other organizations, educational institutions and individuals

Click Here For Brochure

brochure-e1586925500745-70x70.png

“Mother always told me not to talk to strangers”

Times have changed…

  • The entire world is online
  • Can easily do things that are not safe when connected to the Internet
  • Hackers constantly find new ways to exploit vulnerabilities on the Internet, often anonymously and from afar
  • It’s hard to imagine the magnitude of the dangers
iStock-57260640.jpg

What do you have to do to be
NIST SP 800-171 compliant?

1

Evaluate compliance with NIST SP 800-171 security control families

2

Perform Gap Analysis

3

Minimize scope of covered data and systems

4

Create and review System Security Plan (SSP)

5

Create and review Plan of Action and Milestones (POAM)

6

Report gaps and POAM to Buyer in accordance with contractual obligations

7

Meet requirements for prompt reporting of cyber incidents on DIBNET website

8

Flow down requirements to covered subcontractors

NIST-GIF.gif

We Guide You Through Every Step!

cybersleuth-spider-white-outline-07-e1568841904775-1024x104.png

Methodology

01/

Identify

security roles, and scope of covered data and systems

02/

Assess

staff knowledge and awareness of NIST 800-171 and organizational security requirements

03/

Analyze

staff, organizational, and system strengths, weaknesses, opportunities, and threats (SWOT) to support comprehensive risk and security assessments

04/

Develop

System Security Plan (SSP), Plan of Action and Milestones (POAM), and policies and procedures, as needed

05/

Plan

training curriculum and covered topics

06/

Train

staff according to scope of influence, role, responsibilities, policies and procedures

07/

Document

evaluation and training results

08/

Evaluate

staff and system performance against benchmarks
CyberSleuth Spider.png
TCR-webpage-CyberSleuth-Methodology-rev02.png
Katie Can-Do.png