Project Spectrum and How it Helps with Cybersecurity and CMMC Compliance
Project Spectrum was founded in late 2018 as a collaboration between the Department of Defense Office of Small Business Programs (OSBP), the Maryland Innovation and Security Institute (MISI) and its DreamPort Mission Accelerator. DreamPort is a program and facility operated by MISI and launched as part of a US Cyber Command OTA PIA contract.
The Project Spectrum team has developed a website designed as a gateway for cybersecurity compliance, knowledge and solutions. The website will provide:
- A marketplace for solutions, many that have been tested and evaluated by DreamPort's cyber team.
- A variety of training that tracks your cyber training and awareness maturity.
- A community of cyber compliance interest.
- Tested tools will have our Mission Accelerator Tested seal.
- An ever growing catalog of online and in classroom training.
- Access to JENSIE an end to end platform for cyber compliance tracking.
- Tools that automate the collection of asset and vulnerability data.
- Continuous tracking of CMMC, NIST 800-171, NIST 800-53, Controlled Unclassified Information (CUI) compliance with a heavy focus on the CMMC.
- A solution that is designed to assist manufacturer and IT companies.
- Plug, secure and comply operational technology (OT), information technology (IT), and industrial internet of things (IIoT) sensors that connect back to the JENSIE compliance platform.
- Cyber value at risk assessments of vulnerabilities with OT and IT mitigation analysis.
- Multifactor Authentication (MFA).
- Encryption at Rest.
- JENSIE resides in the secure AWS GovCloud (US).
- AWS GovCloud (US) enables customers to adhere to ITAR regulations, the FedRAMP requirements, Defense Federal Acquisition Regulation Supplement (DFARS), DoD (SRG) Impact Levels 2 and 4 and 5, and several other security and compliance requirements.
- Remote penetration testing on demand.
- Security operations center operation designed to assist with continuous monitoring and active threat response.
Project Spectrum is designed to assist manufacturers and IT focused small and medium sized companies to increase their cyber awareness and to begin to prepare for the upcoming mandatory audits associated with CMMC and to comply with existing cybersecurity policy.
The Stakeholders will in exchange:
- Obtain vital knowledge from the experiences of the pilot participants that will inform the DoD Office of Small Business Programs on how cybersecurity policy compliance can be achieved.
- Obtain a broad cross section of real world data on the impact of CMMC on the supply chain.
- Compliance process challenges and impact for manufacturers and IT DIB members.
- Insight into common cyber vulnerabilities.
- Document effectiveness and cost factors associated with solutions deployed to each pilot participants.
- How cyber assessments can be accomplished through automation due to the impact of COVID-19.
- Assessments of the small and medium sized supplier's own supply chain.
- Access to a secure compliance portal that tracks the compliance journey for each participant.
- Document and evaluate as a living process lessons learned from each assessment.
The Department of Defense Office of Small Business Programs, US Cyber Command, The Department of Defense, Maryland Innovation and Security Institute, Directors, Officers, employees, contractors of any of the above organizations makes no guarantees that any solution, or service can prevent a cyber attack or guarantee certification with any standard. US Cyber Command, the Department of Defense and its Office of Small Business Programs does not endorse or warrant any solution, service or company associated with Project Spectrum, this includes any contractors or subcontractors.