Cybersecurity Compliance Projects – NIST SP 800-171 and others

Kieri Solutions is a one-stop shop to handle your cybersecurity compliance requirements.

We are system architects, technical writers, integrators, and policy experts. With our broad understanding of IT networks and how they work, we can identify risks and design efficient solutions to them.

We balance technical expertise with a focus on the business.  We understand that your operations need to work – we won’t break your network by installing too much security!  On the policy side, Kieri Solutions has proven templates for requirements such as Configuration Management, Change Management, Information Systems User Agreements, Business Continuity Plans, and many more.

The owner, Amira Armond, is personally involved with each project. She has been working with secure networks since 2003 and has a host of technical certifications such as CISSP, MCSE, SEC+, NET+, and ASTQB. Amira Armond holds an MBA and Project Management Professional certification, and has written thousands of pages of policy and procedure for enterprises and secure military networks. In the past, she led Change Management for the Navy Marine Corps Intranet (NMCI), a 1-million-user network, and integrated the Navy’s current deployed hospital system (TMIP).

In other words, if your company needs to comply with NIST SP 800-171, 800-53, HIPAA, PCI, or another compliance framework, contact us! We’ve got experience implementing each of the security controls required by these frameworks. If your company is deficient in a security control, we will work with you to fix it or make a Plan of Action and Milestones (POA&M). Documenting these POA&Ms correctly will get your company into compliance even if you cannot implement every control. We partner with you to make your compliance project less stressful and confusing.

Call us:  +1 (301) 253-5150

Email us:  info@kieri.com

Why cyber security compliance?

There are many reasons to implement a cybersecurity compliance program like NIST SP 800-171.

Keep your business running

When you implement the best practices contained in NIST 800-171 or other cybersecurity programs, your computer network will become more resilient. Network hardening and segmentation will reduce or prevent the damage if your servers are attacked by ransomware. Business continuity planning will fix gaps in your recovery plan and give your staff a playbook to follow when disaster strikes. Developing high-quality policies and processes for change management will help prevent revenue-impacting outages.

Prevent intellectual property loss

Sophisticated hackers from other countries are constantly trying to steal schematics and patent-worthy designs from our corporations. Many companies have spent millions on R&D. Do you want overseas competitors to get that hard-earned data for free?

Prevent loss of reputation due to data breach

Hardly a day goes by without a large company or government contractor being spotlighted in the news for suffering a data breach. When this happens, stock prices have a three-year loss, on average, of 42%.

Avoid paying for credit monitoring

If you store personal data, such as social security numbers, dates of birth, addresses, or credit card numbers, you are responsible for what happens to it. Paying for credit monitoring can cost $10 a month. Multiply that by the number of records you store, and the cost is often millions of dollars.

Keep your partners and clients safe

Your partner companies and clients want you to have great cybersecurity so that hackers can’t attack them via your systems. The U.S. Government thinks that this is so important that its contractors are required to comply with NIST SP 800-171, which contains 110 security controls. There is a new initiative to make cyber security for government contracts an Allowable Cost. Find out more about the initiative here.

A growing threat is supply chain attacks: hackers attack a company, then insert malicious software into that company’s product. When clients install the product, they also install the malicious software. It would be horrible if your clients were hacked because they trusted your company. Implementing required security fixes like two-factor authentication will help prevent this threat.

Your money stays in the bank – not transferred to Nigeria

When you are cyber-secure, you have processes and systems in place to detect hackers and stop malicious software.  When your comptroller’s computer gets a virus, your IT department will have a fighting chance to detect and remove it before your bank password is stolen.

It is time to get secure

I hope those are enough reasons for you to adopt a cybersecurity compliance framework for your company. If you are a U.S. Government contractor, you may be required to follow NIST SP 800-171. Medical institutions and companies that process credit cards have their own regulated frameworks. For any of these, Kieri Solutions can help make this process less stressful.
