Challenges & Needs

• No Formalized Training Programs: The client had never taken the time to develop any formalized security awareness training programs, insider threat training, training relating to Controlled Unclassified Information (CUI), vendor management training, and more.
• Lack of Expertise in Program Development and Rollout: While the client understood the importance of such programs, they lacked the internal expertise for program development, execution, and monitoring.
• Aggressive Timeframe for Implementation: Added pressure was coming from the DoD, who wanted all required training programs fully implemented within ninety (90) days.

Our Solution

• Successfully defined project scope, including roles and responsibilities for all internal personnel at the client.
• Where applicable, identified third-party vendors who would be instrumental in helping achieve mandated DoD training requirements.
• Worked with two (2) key external third-party vendors in helping design and implement three (3) highly customized security awareness training modules for ensuring full coverage of current and emerging information security, cybersecurity and data privacy threats.
• Developed a fully customized insider threat program and supporting threat awareness program, along with a CUI program, complete with documented policies, procedures, and processes.

Challenges Solved

• Designed, developed and successfully implemented all NIST RMF required training solutions relating to information security, cybersecurity, and data privacy.
• Helped ensure the client would meet all training requirements when reporting on various DoD compliance mandates, specifically, DFARS NIST 800-171 and CMMC.

Value Created

• Helped put in motion a corporate culture that now understands, respects, and truly values the concept of information security, cybersecurity, and data privacy.
• Created an awareness for employees in terms of understanding the growing threat landscape that can affect their organization in a detrimental way.