Challenge
A large defense contractor ($5B annual revenues) needed to prepare for Cybersecurity Maturity Model Certification (CMMC) in a multi-cloud environment. The CMMC model will ensure Defense Industrial Base (DIB) vendors are managing their environment for protecting Controlled Unclassified Information (CUI) data and ensure their ability to participate in contract review and award.
Early adopters of CMMC demonstrate their commitment to securing the cybersecurity supply chain and gain a competitive edge for contracting opportunities with the Department of Defense (DoD).
Solution
Boston Government Services (BGS) is both a CMMC Registered Practitioner Organization (RPO) and one of a select few CMMC Certified 3rd Party Assessment Organizations (C3PAO), making BGS uniquely qualified to provide RPO services that CMMC assessors will accept.
Because BGS assessors are certified, they know what is acceptable when they prepare companies for certification reviews. For this RPO engagement, BGS ensured secure segmentation of their multi-client environment, technical architecture, and CMMC compliance. BGS analyzed System Security Plans and multiple annexes, policies, procedures, and standards to ensure alignment with DoD Acquisition & Sustainment and CMMC Level 2 assessment guide requirements. Along with the primary organization, BGS evaluated the organization’s supply chain subcontractors to ensure the same CMMC standards are established and ensure compliance.
Gaps identified as part of the analysis were defined and included in the Plan of Actions and Milestones (POA&M) to implement remediation. BGS conducted a final mock assessment to prepare the team for what to expect as part of the formal certification process once CMMC rule-making is completed.
BGS is a DoD premier CMMC compliance partner for multiple, large confidential defense contractors.
BGS serves DoD’s Defense Industrial Base Cybersecurity Assessment Center (DIBCAC) by providing defense contractors with cybersecurity assessment services and implementing practices, tools, and technologies to support CMMC compliance requirements while meeting mission needs. BGS is among an small elite team of companies charged with assessing CMMC compliance for over 80,000 companies that provide services to DoD.
For more information, please contact cmmc@bgs-llc.com.