How a Virginia-Based Acquisition Support Contractor Boosted Its SPRS Score to 110
With 200+ employees and a newly acquired manufacturing company, this contractor faced urgent deadlines to achieve CMMC Level 2 compliance. InterSec employed its CMMC accelerators and rigorous NIST 800-171 approach to unify both organizations under a single compliant framework.
Background
A newly expanded defense contractor with over 200 employees, managing two distinct corporate cultures and IT systems after acquiring a smaller manufacturing company.
Overview
After acquiring a smaller manufacturing company, this DoD contractor needed to unify both organizations under a single CMMC-compliant framework. Looming DoD contract deadlines left no margin for error.
InterSec fast-tracked compliance by deploying specialized accelerators and a rigorous NIST 800-171 methodology. By tackling policy alignment, technical integration, and staff onboarding, we helped the client unify its security posture and safeguard critical defense contracts.
- 200+ employees with two separate corporate cultures and IT systems
- Urgent timeline to maintain DoD contract eligibility
- Required consistent CMMC Level 2 compliance across both entities
The Challenge
Merging different security policies threatened to delay or derail vital DoD contracts, especially if the newly combined organization couldn’t meet CMMC standards quickly.
- Integration Hurdles: Newly acquired employees not in the parent’s Active Directory
- Inconsistent Policies: Legacy approaches varied across the two companies
- Time-Sensitive Compliance: DoD deadlines demanded swift alignment of security controls
Our Approach
InterSec employed pre-built CMMC templates and methodical remediation phases, ensuring the client addressed urgent compliance gaps first while steadily integrating the remainder of security measures.
- Used CMMC accelerators and best practices to jump‐start readiness
- Addressed policy unification, user provisioning, and technical controls in manageable steps
- Rigorously applied ISO 9001 Project and Quality Management practices to keep projects on schedule while using minimal client personnel resources
Solution & Implementation
We established unified identity and access controls, simplified documentation, and coordinated scanning efforts, enabling both parent and acquired entities to operate under one coherent cybersecurity program.
- Detailed Current-State Analysis: Examined existing tools, processes, and vulnerabilities
- Remediation Plan Execution: Deployed MFA, configured vulnerability scans, unified documentation
- User Integration: Transitioned acquired staff into the parent’s AD, aligning password policies and access controls
Results & Outcomes
A strategic, step-by-step rollout allowed the contractor to exceed compliance requirements ahead of schedule, securing DoD contract renewals.
- Met CMMC Level 2 framework and NIST 800-171 standard requirements
- Integrated systems minimized confusion and risk
- Met critical DoD contractual deadlines without impacting critical projects
Capabilities Demonstrated
CMMC Level 2 Compliance (via NIST 800-171), Accelerator-Driven Remediation & Policy Integration, Merging Separate Security Environments Post-Acquisition, Identity & Access Integration (Unifying Multiple ADs), Meeting Urgent DoD Contract Deadlines