CyberSheath Services International, LLC | February 03, 2021
CyberSheath Services International today launched its Managed IT Services for Defense Contractors to ensure compliance with the new cybersecurity standards for commercial contractors of the United States government. The managed services include a Shared Security Compliance Framework to ensure compliance for both DFARS Clause 252.204-7012 / NIST SP 800-171 and the new DFARS 252.204-7019-7021 CMMC requirements.
When combined with CyberSheath’s existing Managed Compliance and Security Services, the new Managed IT Services cover the full spectrum of managed services needs for most U.S. Defense Industrial Base (DIB) contractors. CyberSheath has long recognized that a large part of IT delivery, tasks such as patching and asset management, are foundational to NIST 800-171 and CMMC compliance, and customers need a force multiplying solution for Managed IT services. This offering is only available to defense contractors and uniquely built to make CMMC and NIST 800-171 compliance a natural outcome of day-to-day operations.
This new consolidated solution is anchored on Microsoft technology or Microsoft Solution Partner technology, but flexible enough to “meet you where you are.” It has the distinct ability to add compliance or security-as-a-service either upon initial onboarding, or at any time during the subscription period. As a “Hosted Compliance,” it combines elements of MSSP and Managed IT and uses a Microsoft-focused technology stack, including Azure Government Blueprints, Microsoft 365 Government (GCC High), and the full strength of the vast Department of Defense (DoD)-approved Microsoft security portfolio. CyberSheath’s CMMC Managed Services future-proof clients against CMMC policy changes and new implementation requirements.
“Any defense contractor that fails to comply with the CMMC will not be doing business with the DoD moving forward as the DoD now prevents non-compliant contractors from participating in DoD contract awards,” said Andy Shooman, COO at CyberSheath Services International. “Our IT managed services are built for the many defense contractors, both Primes and Subs, that still don’t fully understand the DFARS requirements and believe that their weakest link to compliance may be their existing IT services. Simply put, the new DFARS rules raise the stakes and companies that don’t quickly become compliant will be left out of DoD contracts. Our IT managed services ensure that doesn’t happen.”
The U.S. Department of Defense (DoD) established the CMMC as a new security measure to protect Controlled Unclassified Information (CUI), Federal Contract Information (FCI), and other sensitive data residing on systems and networks owned by defense contractors. The DoD requires all of its contractors and suppliers to comply with the new CMMC standards at a given level and undergo a certification process based on review by an accredited third-party assessment organization prior to contract award.
CyberSheath uses a proven AIM™ (Assess – Implement – Manage) methodology to meet defense contractors where they are and bring them up to standard both for existing regulatory requirements and CMMC. CyberSheath offers five CMMC levels of assured compliance, ranging from premise-based technology companies to cloud-driven FedRAMP High environments. Leveraging AIM™ to identify gaps against CMMC requirements, CyberSheath quickly implements any needed changes and revises architectures to maintain desired levels of CMMC compliance.
CyberSheath takes ownership of CMMC compliance, leveraging a Shared Responsibility Model, a concept uniquely adapted from cloud providers and applied to CMMC Managed Services. This management framework dictates the security obligations of a CMMC compliance environment and its users to ensure accountability and define where and how security measures should be applied, with a special focus on CUI and other sensitive government data. The result is a self-reinforcing model that reduces the burden on government contractors and ensures compliance.
“Frankly, defense contractors have seen a lot of changes in cybersecurity compliance over the past year, but we have been delivering audit-ready, U.S. DoD compliance-focused managed services for more than five years in response to the original NIST 800-171 requirements and know we can assist contractors expeditiously with their needs,” said Mr. Shooman.
About CyberSheath Services International, LLC
Established in 2008, CyberSheath is one of the most experienced and trusted IT security services partners for the U.S. defense industrial base. From CMMC compliance to strategic security planning to managed security services, CyberSheath offers a comprehensive suite of offerings tailored to clients’ information security and regulatory compliance needs.
MilliporeSigma | December 30, 2021
MilliporeSigma, the U.S. and Canada Life Science business of Merck KGaA, Darmstadt, Germany, a leading science and technology company, today announced that it has been awarded a $136.7M USD contract award for the construction of a lateral flow membrane production facility over a three-year period at the company's Sheboygan, Wisconsin site. The contract award from the U.S. Department of Defense (DoD), on behalf of the U.S. Department of Health and Human Services, is part of an effort to ensure secure local supply and production capacity for critical products for pandemic preparedness.
"With this agreement, MilliporeSigma will construct a state-of-the-art lateral flow membrane production facility that will give our in vitro diagnostic (IVD) manufacturing customers greater flexibility and security of supply of our Hi-Flow™ Plus lateral flow membranes."
Matthias Heinzel, Member of the Executive Board and CEO, Life Science, Merck KGaA, Darmstadt, Germany
"Our lateral flow membranes have earned a reputation for high consistency among rapid diagnostic manufacturers and the already robust demand for this membrane has significantly increased since the onset of the pandemic. With this critical investment, we are expanding much-needed access to essential diagnostic testing as a trusted partner to the world's most sophisticated diagnostic manufacturers," said Jean-Charles Wirth, head of Applied Solutions, Life Science.
Building this new facility supports the overall Life Science business sector's strategy to add physical capacity and expand its regional network to enable further growth of its key portfolios.
Hi-Flow™ Plus Lateral flow membrane is used in rapid diagnostic test kit manufacturing by the Life Science business' customers, enabling reproducible results due to its consistent quality and optimized properties. The rapid test kits are used for a variety of applications, including Infectious Disease testing (Covid-19, HIV, Influenza, Malaria, etc.), as well as in women's health, biomarker detection, drug testing, food safety and animal health. Due to continuously increasing demand for lateral flow membrane, the Life Science business had already invested in a second membrane casting line in Cork, Ireland, which was recently completed, and expanded the range of other critical reagents (antibodies, beads, blockers, buffers) utilized to develop lateral flow rapid test kits. These strategic investments position the Life Science business as an important critical raw material supplier for the Diagnostic market, especially as the company prepares for IVD Regulation and Medical Device Regulation.
The Life Science business is undertaking an ambitious, multi-year program to increase production capacity and capabilities to support the growing global demand for lifesaving vaccines, therapies and diagnostics. Within the last year, the company has accelerated investments to expand capacity to produce its support Mobius® single-use assemblies in both the U.S. and France, as well as increased capacity for the production of cell culture media in the U.S. and UK, among others. Additionally, several expansion projects continue to advance across the company's manufacturing and distribution global network.
About the Life Science business of Merck KGaA, Darmstadt, Germany
The Life Science business of Merck KGaA, Darmstadt, Germany, which operates as MilliporeSigma in the U.S. and Canada, has more than 23,000 employees and 59 manufacturing sites worldwide, with a portfolio of more than 300,000 products focused on scientific discovery, biomanufacturing and testing services. Merck KGaA, Darmstadt, Germany, a leading science and technology company, operates across healthcare, life science and electronics.
Everlaw | September 15, 2021
Everlaw announced today the migration of its FedRAMP Authorized federal SaaS platform to Amazon Web Services (AWS) GovCloud (US), making it one of the first cloud-native ediscovery, collaboration and document review solutions to meet these stringent U.S. government security requirements. Everlaw's platform, which achieved FedRAMP Authorization last year, is already one of the few elite technology providers used by U.S. government agencies for federal investigations and litigation. Now, on AWS GovCloud (US), Everlaw can maintain the integrity of its state-of-the-art, high-speed solution while protecting the most sensitive government information against cybersecurity threats.
Providing a fast, highly secure and modern collaboration solution that meets the critical needs of government agencies is of the utmost importance to us. Our move to AWS GovCloud (US) allows our federal clients to confidently use our solution, knowing that their information is protected by the highest cloud security standards.
Kevin Babcock, Director of Security Engineering at Everlaw
The migration to AWS GovCloud (US) underlines Everlaw's commitment to best-in-class service and safety for federal clients. AWS GovCloud (US) allows Everlaw to better support federal export controls, compliance, and storage of highly sensitive data. Additionally, the Amazon Region is operated exclusively by U.S. citizens on U.S. soil, as is Everlaw's platform, enabling the company to serve government agencies with NOFORN (no foreign national) requirements. Everlaw has also achieved ISO/IEC 27001:2013 certification for data center security, and SOC 2 Type 2 certification in Privacy, Security, Confidentiality and Availability, as well as completed voluntary independent audits to support Health Insurance Portability and Accountability Act (HIPAA) and General Data Protection Regulation (GDPR) compliance.
Everlaw's collaborative platform enables federal teams to discover, illuminate and act on information to better drive internal investigations and positively impact the outcome of litigation, congressional hearings, and internal and regulatory investigations. Historically, federal teams have had to rely on outdated, client-server software and expensive third-party service providers, but Everlaw combines speed, security and ease-of-use into a single solution that can be used in-house without maintenance or outside technical staff. Everlaw's unique features help uncover the truth more quickly and present findings more clearly, including 0365 integration, bulk redactions, searchable PDFs, A/V transcription, data visualization, foreign language translation, clustering, instant searching and in-platform sharing, with additional features released every four weeks.
Everlaw blends cutting-edge technology with modern design to help government entities, law firms, and corporations solve the toughest problems in the legal industry. Everlaw is used by Fortune 100 corporate counsels and household brands like Hilton and Dick's Sporting Goods, 76 out of the AM Law 100, and all 50 U.S. state attorneys general. Based in Oakland, California, Everlaw is funded by top-tier investors, including CapitalG, Menlo Ventures, Andreessen Horowitz, and K9 Ventures.