Supply Chain Enhancements

This project will develop and implement supply chain visibility tasks within the Critical Infrastructure Resilience Institute (CIRI) Cybersecure Dashboard. CIRI is a Department of Homeland Security Center of Excellence research organization with a mission to positively impact the security and resilience of critical infrastructure around the nation.

Heartland Science and Technology Group (technology partner) will develop and implement supply chain visibility tasks within the Cyber Secure Dashboard. The Dashboard is a full featured management application designed to speed initial assessment, clarify, and prioritize security requirements into a single, easy to navigate tool. It cross-references multiple DoD mandated control requirements and risk management standards.

Project Awarded

July 13, 2020

Project Number

20-01-A

Project Lead

Heartland Science & Technology

Project Participants

MxD

Problem

Currently, the visibility or exposure of a supplier’s Cybersecurity Maturity Model Certification (CMMC) status is non-existent. Manufacturers planning to review or sign new contracts with the Department of Defense will be expected to meet CMMC, the department’s latest cybersecurity requirement. Manufacturers will need the ability to verify which organizations within their supply chain are certified and whether or not they meet the required certification level in order to contract with their organization.

Proposed Solution

Heartland Science & Technology Group will develop supply chain visibility features along with reporting, sorting, and self-assessments in order to provide prime contractors an aggregated user-friendly visibility of suppliers CMMC self-assessment and accreditation status.

Impact

Small and medium manufacturers (SMMs) will have the opportunity to gain a better understanding of the requirements placed by the Department of Defense once their organization conducts a self-assessment, a feature available within the Dashboard. The results of the self-assessment will assist SMMs in identifying the activities they will need to fulfill to achieve the appropriate level of certification. This will enable SMMs to make better decisions in pricing and purchasing cybersecurity solutions for their organizational needs. Meanwhile, larger manufacturers will have the ability to view, recognize, and quantify the cybersecurity posture of their supply chain in order to verify which organizations meet the necessary CMMC requirements for contracting.

Outcomes

The Cyber Secure Dashboard will now facilitate long-term compliance, cybersecurity awareness, and sharing of cybersecurity posture based on the NIST Cyber Security Framework to help enterprises comply with government-mandated cybersecurity requirements. Small and medium manufacturers can conduct a self-assessment using the Dashboard feature to gain a better understanding of Department of Defense requirements and larger manufacturers can use the Dashboard to view, recognize, and quantify the cybersecurity posture of their supply chain to verify which organizations meet necessary CMMC requirements.