In response to the DFARS mandate, Silverside Detectors successfully addressed NIST SP 800-171 requirements through the CyberSaint and MassMEP Program.
“MassMEP and CyberSaint came alongside our team, guiding them through the compliance standards and leading us to a level of preparedness matching our commitment to excellence.” said Sarah Haig, COO of Silverside Detectors
Based just outside of the Boston area in Cambridge, MA, Silverside’s team is fundamentally shifting the global security landscape. Silverside Detectors is committed to reducing the global threat of nuclear terrorism. The company’s neutron detection technology enables governments to deploy networks of detectors at nuclear material storage sites, in transit routes, and throughout cities. With a growing team made up of researchers, technicians, and engineers, Silverside is bringing their lithium thermal neutron detector to market and has had great success and traction especially in recent months.
Silverside’s customer base includes offices within the Departments of Defense and Homeland Security, and therefore the team knew that cybersecurity best practices and compliance with the Defense Federal Acquisition Regulation Supplement, per NIST Special Publication 800-171, was a priority.
The new 800-171 controls, required by DoD, went into effect on December 31, 2017. The requirement applies to all DoD primary contractors and sub-contractors in the DoD Supply Chain for the protection of Controlled Unclassified Information (CUI).
It was apparent that Silverside’s needs went well beyond responding to customer questionnaires, and that real action to identify gaps and remediate was necessary. The team was also made aware that having a System Security Plan (SSP) and Plan of Actions and Milestones (POAM) was critical to proving adherence and adequate security in accordance with Department of Defense supply chain needs. Silverside would need to manage its own compliance with the 800-171 regulations in order to prepare to scale business through and beyond 2018, and have a cost-effective cybersecurity program that will mature in parallel with the company.
Silverside Detectors needed a plan of how to approach DFARS compliance and a solution that could be put in place quickly and easily to help with the DFARS assessment, without stalling other company initiatives. Silverside’s team also realized that they would need to self-manage their regulatory requirements beyond 2018 in order to stay competitive as their operation scales.
The Massachusetts Manufacturing Extension Partnership (MassMEP) organized a program that leverages various funding options to subsidize consulting engagements paired with the CyberStrong Platform from CyberSaint Security. This program enables state or local manufacturers and DoD suppliers with rapid DFARS cybersecurity conformance.
“We are pleased to partner with CyberSaint to provide our client Silverside Detectors a solution to their Cybersecurity compliance requirement. CyberSaint provided a robust and comprehensive report out and roadmap that helped Silverside Detectors navigate through the Defense Industry and Homeland Security requirement,”
Tom Andrellos, MassMEP’s Director of Growth Services.
The CyberStrong Platform is a breakthrough Integrated Risk Management and continuously active assessment platform that helps customers become quickly and easily compliant with regulations such as DFARS 800-171. The platform guides both Information Technology professionals and non-IT professionals through the assessment framework control by control and provides actionable insights on next steps to mitigate risk, making compliance with regulations and adherence to customer questionnaires accessible regardless of company resources.
“We are excited to make the CyberStrong Platform accessible to our local community through our partnership with the MassMEP. As a company founded upon making cyber best practices accessible, it’s rewarding to see local businesses and new startups alike benefit from adopting proactive security measures,”
George Wrenn, CyberSaint’s CEO and Founder.
CyberStrong walks the user through the DFARS assessment (either the NIST SP 800-171 controls or the Handbook (HB)162 control set) and provides gap analysis and recommendations on which controls should be implemented to increase the overall compliance score while lowering risk in key areas.
Silverside asked MassMEP to participate in the DFARS cybersecurity program, which included key CyberSaint stakeholders identifying Silverside’s Target of Evaluation, qualifying what was and was not considered Controlled Unclassified Information (CUI), walking through the technology architecture and explaining the best plan of action on how to close key DFARS compliance gaps. In just three sessions, the CyberSaint team used the CyberStrong Platform to expedite the conformance process and finished the engagement successfully, and much quicker than anticipated.
“The challenge of a startup is keeping pace with regulations without depleting company resources. MassMEP and CyberSaint came alongside our team, guiding them through the compliance standards and leading us to a level of preparedness matching our commitment to excellence. Without their expertise and support, we would not be where we are today,”
Sarah Haig, COO of Silverside Detectors.
Silverside presently manages the CyberStrong SaaS Platform on its own and has at its disposal priorities on how to remediate going forward through 2018. Thanks to CyberSaint and MassMEP’s DFARS cybersecurity program, Silverside Detectors successfully addressed the NIST SP 800-171 requirements and is empowered to proactively address cybersecurity measures as the company grows.
CyberSaint Security empowers organizations to implement automated, intelligent cybersecurity compliance and risk management that enables measurement, enhances communication and improves cybersecurity resiliency. The CyberSaint team’s intellectual DNA winds deeply through the academic, tech, and investment communities in Boston, the White House, RSA, IBM, EMC, MIT, Harvard, University of Cambridge, KPMG and others.
Massachusetts Manufacturing Extension Partnership (MassMEP), part of the national NIST MEP system, is a leading resource for manufacturers. Committed to success in manufacturing, MassMEP transforms companies through solutions focused on innovative growth, operational excellence, and workforce development. The organization cultivates a sustainable community built on supportive relationships, idea sharing, achievement, and next-generation manufacturing. For more information, visit www.massmep.org.