Cybersecurity

  1. Home
  2.  » 
  3. Services
  4.  » 
  5. Technology
  6.  » Cybersecurity

***UPDATE: Currently, NH MEP has received funding through the CARES Act to provide partial funding for the CMMC Implementation to manufacturers that have been impacted by COVID-19.***

CMMC Implementation Services

NHMEP has partnered with Mainstay Technologies to provide Phases 1 and 2 of CMMC Implementation to New Hampshire manufacturers who are DoD suppliers or sub-contractors. We begin by working with your IT management on a gap analysis of your current cybersecurity strategies to discover strengths, weaknesses and the best solution to bring your company into CMMC compliance.

What is CMMC?

CMMC Version 1.0 was released in January 2020 and serves as a unified cybersecurity standard for future Department of Defense (DoD) acquisitions. For the bidding process on DoD contracts, CMMC will ensure a fairer process by outlining required levels based on your company’s business requirements. CMMC V1.0 defines a maturity model as a set of characteristics, attributes, indicators, or patterns that represent capability and progression in a particular discipline. It works to establish best practices through defining and structuring action that must be taken by a company to prove that it has incorporated these practices.

The CMMC Framework

The CMMC model framework organizes processes and cybersecurity est practices into a set of domains. For each of the 17 domains, there are processes that span five levels of cybersecurity maturity. Additionally, each of the domains contain one or more capabilities spanning the five levels. And, for a given capability, there are one or more practices that must be demonstrated.

The 17 Domains

Each domain is comprised of processes and capabilities across the five levels.  The domains include:

  • Access Control (AC)
  • Asset Management (AM)
  • Awareness and Training (AT)
  • Audit and Accountability (AU)
  • Configuration Management (CM)
  • Identification and Authentication (IA)
  • Incident Response (IR)
  • Maintenance (MA)
  • Media Protection (MP)
  • Personnel Security (PA)
  • Physical Protection (PE)
  • Recovery (RE)
  • Risk Management (RM)
  • Security Assessment (CA)
  • Situational Awareness (SA)
  • System and Communication Protection (SC)
  • System and Information Integrity (SI)

Phase 1 – Basic Cyber Hygiene 

Processes are performed and select practices are documented where required. There are 17 practices to demonstrate basic cyber hygiene. Equivalent to all practices in Federal Acquisition Regulation (FAR) 48 CFR 52.204-21 from FAR Clause 52.204-21. The first level ensures basic safeguarding of federal contract information.

Phase 2 – Intermediate Cyber Hygiene

Processes are documented, including Level 1 practices and a policy exists that includes all activities. Practices demonstrate intermediate cyber hygiene. This level complies with FAR, includes a select subset of 48 practices from NIST SP 800-171, and includes an additional 7 practices to support intermediate cyber hygiene. A total of 72 practices must be demonstrated at this level as organizations transition to demonstrate cybersecurity maturity progression to protect controlled unclassified information.

To get started with a gap analysis for CMMC Implementation or to learn more, please contact NHMEP:

 

Zenagui Brahim

(603) 226-3200

zenaguib@nhmep.org

Eric Basta

(603) 226-3200

EricB@nhmep.org

 

“Working with the Partnership was a cost effective way to remain ahead of implementation timelines to achieve compliance with NIST 800-171.  Their administrative and technical assistance provided a rich contextual understanding of controlled information and information systems, and guided our company’s policy approach to information exchange governance.  We are now better prepared to meet current and emerging information security obligations for all of our clients.”

Paul Movizzo

DoD Business Development, Creare, LLC

About NH MEP

New Hampshire Manufacturing Extension Partnership
172 Pembroke Road
Concord, NH  03301

Phone: 603-226-3200

The New Hampshire Manufacturing Extension Partnership does not discriminate on the basis of race, color, creed, national or ethnic origin, gender, disability, age, political affiliation or belief. This nondiscrimination policy encompasses the operation of all educational and training programs and activities. It also encompasses the employment of personnel and contracting for goods and services.

Contact Us

Press Releases

The Rubber Group Integrates Production Process with Value Stream Mapping

Rochester – The Rubber Group is a customer focused custom injection, transfer, and compression molder of engineered mechanical rubber components like precision seals, vibration isolators, bellows and specialized over-molded components for a wide variety of industries. Last April, as the COVID-19 pandemic hit, they had workforce losses and a 20% reduction of sales revenue from the Oil, Gas and Aerospace industries who were experiencing product slow-downs from their own clients…

WS Dennison Cabinets Sees Host of Improvements since Implementing 5S Program

Pembroke, NH – WS Dennison Cabinets has been creating custom cabinets for residential and commercial industries throughout New Hampshire and New England since 1986. When COVID-19 hit last spring, like so many other manufacturers across the country, Dennison was affected and lost some of their workforce. Looking to make production improvements, the company attended an NHMEP workshop that introduces the basics of a 5S Program, a lean tool which improves organization in a production environment.

SBA Re-Opening Paycheck Protection Program to Lenders

WASHINGTON – The U.S. Small Business Administration, in consultation with the U.S. Treasury Department, will re-open the Paycheck Protection Program (PPP) loan portal to PPP-eligible lenders with $1 billion or less in assets for First and Second Draw applications on Friday, January 15, 2021 at 9 a.m. EST.

DoD Interim Rule for NIST SP 800-171 and CMMC

The DoD recently issued an Interim Rule to amend the Defense Federal Acquisition Regulation Supplement (DFARS), effective November 30, 2020.

The 18th Annual Governor’s Advanced Manufacturing and High Technology Summit a Virtual Success

On Thursday, October 29th, the 18th Annual Governor’s Advanced Manufacturing and High Technology Summit was successfully conducted online with over 200 participants in attendance, (mostly small to medium-sized manufacturers) making it one of the largest manufacturing events to be held virtually since COVID-19 began. Mike Mastergeorge, Vice President of Brazonics Inc. kicked off the summit thanking the teams at NH MEP, NH Department of Business and Economic Affairs, and the NH Business and Industry Association. He thanked People’s United Bank and BAE Systems as the major sponsors and acknowledged the other sponsors as well. He introduced Taylor Caswell, Commissioner of NH Department of Business and Economic Affairs, who made opening remarks and introduced Governor Chris Sununu. The governor acknowledged progress made in manufacturing and other sectors and encouraged manufacturing innovation in the state as the sector recovers.

How can we help?

Feel free to ask a question or leave a comment.