GENEDGE Assists Chesapeake Machine Works in Meeting DoD Cybersecurity Requirements
The following anticipated impacts were a result of the Phase 1 Services - Business Growth Acceleration:
- $40K in sales
- $59.6K in cost savings
- $8K in investments
- 3 jobs created or retained
About Chesapeake Machine Works, Inc.
Since 1987, has been the region's trusted machine shop offering customized options for machinery, machine parts, tools, welding, machine fabrication, and repair of any parts they have manufactured. As a small business in Chesapeake, CMW provides critical components to two primary customers–the Department of Defense (DoD) and the U.S. Navy.
When the new cybersecurity requirements (DFARS 252.204-7012) were announced, CMW’s leadership team wanted to protect their data while also getting ahead of their competitors. However, after a quick assessment of the potential financial commitment, CMW realized that outside cybersecurity support would be cost prohibitive. Fortunately, CMW learned of GENEDGE’s Virginia’s Defending Controlled Unclassified Information Program (DEFENDCUI-VA) through one of their inquiries with a cybersecurity resource.
MEP Center's Role
GENEDGE’s DEFENDCUI-VA is a selective program intended to identify, select, and assist Virginia companies who participate in the DoD supply chain in creating awareness, providing assessment to determine compliance requirements and provide services to best address gaps identified.
CMW was accepted to participate in Phase 1 Services - Company Assessments. Based on the program’s approach, GENEDGE offered the following proposal for services to help CMW assess their level of compliance and develop a plan to address the vulnerabilities identified through services provided by their third-party resource network.
GENEDGE provided Phase 1 services to determine the current level of compliance and develop adequate plans to respond to the gaps identified including:
• Demonstrate Completion of Cybersecurity Assessment
• Draw Up a Plan of Action and Milestones
• Create an Incident Response Plan
• Define requirements and complete a Cybersecurity Plan
• Initial Vulnerability Baseline System Scan
Download the NIST sheet: Chesapeake Machine Works, Inc. Case Study (opens new window)