CyberSheath: Managed Compliance as A Service

Follow CyberSheath on :

Eric Noonan, Founder and CEO
Over the last decade, cyber threats have become bigger and stealthier, plaguing virtually every industry. Even the defense landscape has to continually face up to the risk of intellectual property theft. To curb the cyber attacks, the U.S. governing bodies have issued Cybersecurity Maturity Model Certification (CMMC) to safeguard the Department of Defense (DoD). The CMMC is a unified standard intended to serve as a verification mechanism to ensure appropriate cybersecurity practices and protection of controlled unclassified information. All the 350,000+ defense contractors in the Defense Industrial Base (DIB) must adhere to the CMMC regulations for compliance to obtain DoD contracts.

However, it is nearly impossible for defense contractors to cover every aspect of cybersecurity for total CMMC compliance. Particularly during the ongoing COVID-19 pandemic, ensuring security from a remote work location proves to be even more challenging. For this reason, defense contractors need a managed security services partner to ensure all-round cybersecurity and meet complex CMMC regulatory requirements. This is where CyberSheath comes into the picture to help defense contractors in the DIB comply with CMMC, DFARS 252.204-7012, and NIST 800-171. CyberSheath is a managed security services company that handles the technical, cybersecurity, and compliance aspect for defense contractors and protects their intellectual properties. Founded in 2012 by Eric Noonan, a former United States Marine and chief information security officer for a global defense contractor—CyberSheath delivers measurable results that substantially reduce risk.

CyberSheath, as a trusted third-party managed service provider, simplifies compliance for its clients in three stages, (assess, implement, manage) AIM™. After the initial assessment, CyberSheath understands the client’s compliance requirements and breaks down the reasons behind their non-compliance. From there, CyberSheath moves to implementation. “We follow a shared responsibility model. We own the gaps and fix them,” says Eric Noonan, CEO of CyberSheath. After ascertaining the gaps, CyberSheath ensures that the client achieves compliance through specific initiatives across people, processes, and technology. And once the client achieves compliance, CyberSheath ensures that they stay complaint for a long-term throughout the lifecycle of their relationship. The same AIM approach works wonders for the clients, even in the turbulent times of the COVID-19 pandemic as CyberSheath ensures that the client’s employees can work remotely and securely.


Amid the continually changing regulations, we help our clients achieve compliance quickly and cost-effectively while optimizing their operations

The company has diverse clientele across various industries. According to Noonan, while these industries require basic good cyber hygiene, they have unique and sometimes competing regulatory regimes. In these scenarios, CyberSheath focuses on securing its clients IT and cybersecurity environment to make compliance a natural outcome of operational security.

To further illustrate CyberSheath’s services, Noonan shares a success story where a client struggled to comply with CMMC’s predecessor, NIST 800-171. CyberSheath’s initial assessment revealed that the client had a 65 percent non-compliance score. As part of its remediation activities, CyberSheath deployed a multi-factor authentication system for different operating systems such as Windows, iOS, or Linux to ensure that the security configuration is in place. The second remediation activity was to enable mobile device management in a bring your own device (BYOD) environment to protect their sensitive information. Third, for monitoring and logging, CyberSheath established both security information and event management (SIEM) log sources and integrations to support security analysis and alignment with NIST 800-171. Additionally, CyberSheath started a log management and observation plan to illustrate the mature logging and monitoring capability. As a result, during a third-party DoD assessment, the client had a low cybersecurity risk rating and passed the audit with flying colors.

Moving ahead with undeterred momentum, CyberSheath is helping its DIB clients navigate through CMMC’s regulatory changes to protect their DoD or contract revenue from the government. “Amid the continually changing regulations, we help our clients achieve compliance quickly and cost-effectively while optimizing their operations,” concludes Noonan.

Company
CyberSheath

Headquarters
Reston, VA

Management
Eric Noonan, Founder and CEO

Description
CyberSheath is a managed security services company that offers cybersecurity with mandatory compliance audits to protect its client’s intellectual properties. CyberSheath is a managed security services company that handles the technical, cybersecurity, and compliance aspect for defense contractors and protects their intellectual properties. CyberSheath, as a trusted third-party managed service provider, simplifies compliance for its clients in three stages, (assess, implement, manage) AIM™. CyberSheath ensures that its clients’ stay complaint for a long-term throughout the lifecycle of their relationship. The company has diverse clientele across various industries. Amid the continually changing regulations, CyberSheath helps their clients achieve compliance quickly and cost-effectively while optimizing their operations

CyberSheath