Managing Cybersecurity Risks

For manufacturers who support the Department of Defense (DoD) the requirements for compliance are clear.

• FAR 52.202.21: Requires all DoD suppliers to comply with fifteen basic safeguarding requirements. These requirements are sometimes referred to as “basic cyber hygiene.”
• DFARS 252.204-7012: Requires DoD suppliers who receive or create Controlled Unclassified Information (CUI) to comply with NIST SP 800-171, and to develop the capability to investigate and report cyber incidents.

Whether some of your revenue depends on the DoD, or if you recognize the risk to the survival of your business, Catalyst Connection can support you (or your cybersecurity efforts).

1. Gap analysis. Catalyst will assist you in completing a self-assessment to the appropriate requirements for your business (Basic Cyber Hygiene, or NIST 800-171).
2. Create a plan to address the Gaps. Based on the self-assessment results, Catalyst will facilitate documentation of a Plan of Action with Milestones (POAM). This documents and prioritizes the actions necessary to achieve your goals.
3. Develop Incident Response Capability. Catalyst has developed a process that incorporates the required steps to investigate, analyze, recover, and respond to a cyber incident. This process includes document templates that can be adapted to your organization’s circumstances and needs.
4. Remediate the Gaps. Catalyst can assist with your remediation efforts, including recommendations to address administrative gaps, and referrals to one of our expert Third Party Partners to address technical gaps.

Get started.

For more information about cybersecurity and how Catalyst can help, contact Mark Sewell, Senior Consultant.

Phone: 412.918.4282
Email: msewell@catalystconnection.org