CyberSheath Services International, LLC | February 03, 2021
CyberSheath Services International today launched its Managed IT Services for Defense Contractors to ensure compliance with the new cybersecurity standards for commercial contractors of the United States government. The managed services include a Shared Security Compliance Framework to ensure compliance for both DFARS Clause 252.204-7012 / NIST SP 800-171 and the new DFARS 252.204-7019-7021 CMMC requirements.
When combined with CyberSheath’s existing Managed Compliance and Security Services, the new Managed IT Services cover the full spectrum of managed services needs for most U.S. Defense Industrial Base (DIB) contractors. CyberSheath has long recognized that a large part of IT delivery, tasks such as patching and asset management, are foundational to NIST 800-171 and CMMC compliance, and customers need a force multiplying solution for Managed IT services. This offering is only available to defense contractors and uniquely built to make CMMC and NIST 800-171 compliance a natural outcome of day-to-day operations.
This new consolidated solution is anchored on Microsoft technology or Microsoft Solution Partner technology, but flexible enough to “meet you where you are.” It has the distinct ability to add compliance or security-as-a-service either upon initial onboarding, or at any time during the subscription period. As a “Hosted Compliance,” it combines elements of MSSP and Managed IT and uses a Microsoft-focused technology stack, including Azure Government Blueprints, Microsoft 365 Government (GCC High), and the full strength of the vast Department of Defense (DoD)-approved Microsoft security portfolio. CyberSheath’s CMMC Managed Services future-proof clients against CMMC policy changes and new implementation requirements.
“Any defense contractor that fails to comply with the CMMC will not be doing business with the DoD moving forward as the DoD now prevents non-compliant contractors from participating in DoD contract awards,” said Andy Shooman, COO at CyberSheath Services International. “Our IT managed services are built for the many defense contractors, both Primes and Subs, that still don’t fully understand the DFARS requirements and believe that their weakest link to compliance may be their existing IT services. Simply put, the new DFARS rules raise the stakes and companies that don’t quickly become compliant will be left out of DoD contracts. Our IT managed services ensure that doesn’t happen.”
The U.S. Department of Defense (DoD) established the CMMC as a new security measure to protect Controlled Unclassified Information (CUI), Federal Contract Information (FCI), and other sensitive data residing on systems and networks owned by defense contractors. The DoD requires all of its contractors and suppliers to comply with the new CMMC standards at a given level and undergo a certification process based on review by an accredited third-party assessment organization prior to contract award.
CyberSheath uses a proven AIM™ (Assess – Implement – Manage) methodology to meet defense contractors where they are and bring them up to standard both for existing regulatory requirements and CMMC. CyberSheath offers five CMMC levels of assured compliance, ranging from premise-based technology companies to cloud-driven FedRAMP High environments. Leveraging AIM™ to identify gaps against CMMC requirements, CyberSheath quickly implements any needed changes and revises architectures to maintain desired levels of CMMC compliance.
CyberSheath takes ownership of CMMC compliance, leveraging a Shared Responsibility Model, a concept uniquely adapted from cloud providers and applied to CMMC Managed Services. This management framework dictates the security obligations of a CMMC compliance environment and its users to ensure accountability and define where and how security measures should be applied, with a special focus on CUI and other sensitive government data. The result is a self-reinforcing model that reduces the burden on government contractors and ensures compliance.
“Frankly, defense contractors have seen a lot of changes in cybersecurity compliance over the past year, but we have been delivering audit-ready, U.S. DoD compliance-focused managed services for more than five years in response to the original NIST 800-171 requirements and know we can assist contractors expeditiously with their needs,” said Mr. Shooman.
About CyberSheath Services International, LLC
Established in 2008, CyberSheath is one of the most experienced and trusted IT security services partners for the U.S. defense industrial base. From CMMC compliance to strategic security planning to managed security services, CyberSheath offers a comprehensive suite of offerings tailored to clients’ information security and regulatory compliance needs.
Attestiv | October 09, 2020
Attestiv, a tamper-proof media validation platform and product provider, and Carahsoft Technology Corp., The Trusted Government IT Solutions Provider®, today announced a partnership. Under the agreement, Carahsoft will make Attestiv’s industry-leading authentication and detection solutions available to the public sector through Carahsoft’s NASA Solutions for Enterprise-Wide Procurement (SEWP) V, National Association of State Procurement Officials (NASPO) ValuePoint, National Cooperative Purchasing Alliance (NCPA) and OMNIA Partners contracts and through the company’s reseller partners.
AT&T | November 18, 2021
What's the news? AT&T* has launched an integrated, managed cybersecurity solution to help U.S. federal agencies modernize and protect their IT infrastructure in compliance with Trusted Internet Connection (TIC) 3.0 cybersecurity guidance. AT&T Government Trusted Internet brings together software-defined wide area networking (SD-WAN) technology, security capabilities and fiber connectivity in a 24/7 managed solution through a single provider. The comprehensive, scalable solution integrates with the AT&T Managed Trusted Internet Protocol Service, extending highly secure remote access to federal agency workers and branch offices.
Why is this important?
As federal agencies increased their adoption of mobile and cloud technologies in 2020 to support telework, cyber risks and requirements changed. These changes prompted new TIC 3.0 guidance from the federal government's Cybersecurity and Infrastructure Security Agency to protect federal data and networks and provide visibility of cloud and remote users.
The need for federal agencies to modernize their IT infrastructure also increased this year with the White House Executive Order (EO) on Improving the Nation's Cybersecurity in May. The EO calls for bold changes and investments to improve the cybersecurity posture of the federal government including moving to Zero Trust. Zero Trust is a security framework requiring all users, whether in or outside the organization's network, to be authenticated, authorized, and continuously validated for security configuration and posture before being granted or keeping access to applications and data.
What makes this new cybersecurity solution different?
AT&T is a trusted network provider to U.S. federal government agencies, helping them maximize network efficiency and performance no matter where they are on the network transformation continuum.
AT&T Government Trusted Internet meets federal agency requirements for highly secure remote connectivity supporting remote users and branch offices. The solution optimizes network performance while allowing government agency users to connect directly to the internet to access cloud-based applications in a highly secure manner. It provides centralized network visibility across users, devices, and locations to monitor users whether they are on or off the network to reduce security risks. These capabilities allow federal agencies the flexibility and speed they require as they modernize their IT infrastructure.
AT&T Government Trusted Internet delivers threat analysis and correlation through the AT&T Security Operations Center and AT&T Alien Labs Open Threat Exchange® global threat sharing community to help federal agencies monitor and reduce ongoing cybersecurity risks.
The solution includes additional capabilities such as Zero Trust Network Access to provide highly secure remote access to applications, data, and services based on clearly defined access control policies.
When will this new cybersecurity solution be available?
AT&T Government Trusted Internet is immediately available to U.S. federal agencies.
Chris Kissel, Research Director, Tier 2 SOC Analytics, IDC
"Federal agencies want to stay ahead of evolving cyber threats and comply with TIC 3.0 and the Executive Order, but they also want as little friction as possible. What I see as compelling about AT&T Government Trusted Internet is it considers all of the possible use cases including remote workers and the practical implementation of Zero Trust. Additionally, the AT&T Security Operations Center and AT&T Alien Labs Open Threat Exchange provide monitoring and security insights."
"The shift to telework and increased cyber threats have created urgency for federal agencies to enhance the security of their IT infrastructure. AT&T Government Trusted Internet helps federal employees to efficiently connect to remote agency networks and cloud environments in a highly secure manner while continually managing risks."
Brandon Pearce, AVP, Product Marketing Management, AT&T
About AT&T Communications
We help family, friends and neighbors connect in meaningful ways every day. From the first phone call 140+ years ago to mobile video streaming, we @ATT innovate to improve lives.