Helping a Manufacturing Company Achieve CMMC Level 2 Compliance
A Virginia-based manufacturing company was struggling with CMMC Level 2 compliance due to limited IT resources, legacy technology, and hesitancy around using cloud services. InterSec applied its NIST 800-171/CMMC readiness methodology to close compliance gaps and enable secure operations.
Background
This defense-oriented manufacturer relied on outdated infrastructure and minimal IT staff, making it difficult to meet the Department of Defense’s CMMC Level 2 standards. Its concerns over cloud security further complicated the modernization efforts necessary for contract retention.
Overview
A Virginia-based manufacturing firm needed to comply with DFARS 7012 requirements while juggling outdated IT systems and cloud skepticism. Losing DoD contracts was a real possibility without urgent remediation.
InterSec applied a phased NIST 800-171 approach, combining technical fixes and staff education to transform the company’s security posture. The result was a fully compliant environment that instilled confidence in both leadership and federal stakeholders.
- Defense-oriented manufacturing with minimal cybersecurity staff
- Needed compliance to maintain crucial DoD partnerships
- Worried about adopting cloud technologies for critical operations
The Challenge
The firm lacked the resources to revamp its security infrastructure and was uncertain about securely managing Controlled Unclassified Information (CUI). Missing CMMC deadlines could lead to severe revenue loss.
- Limited IT Resources: No dedicated cybersecurity oversight or strategy
- Complex Controls: Unclear how to manage and protect CUI
- Looming Contract Loss: Risked losing DoD business if not quickly CMMC-ready
Our Approach
InterSec fostered executive backing and deployed a proven readiness framework, ensuring top-to-bottom alignment on CMMC standards while removing roadblocks tied to cloud adoption hesitancy.
- Leadership Engagement: Clarified responsibilities for cybersecurity investment and governance
- Field-Tested CMMC Framework: Executed a prioritized plan addressing immediate and long-term gaps
- Gap Analysis & Roadmap: Focused on practical quick wins like MFA, encryption, and secure VPNs
Solution & Implementation
We created new policies, modernized critical systems, and implemented staff training to solidify compliance measures, all while keeping resource demands realistic.
- CUI Scoping: Identified sensitive data across on-prem and partial cloud setups
- Policy & Procedure Overhaul: Established asset management, vulnerability scanning, and encryption protocols
- Staff Training & Monitoring: Deployed scanning tools and ran practical security awareness sessions
Results & Outcomes
Upgrading IT systems and instilling a culture of cybersecurity readiness safeguarded essential contracts and set a foundation for long-term risk management.
- Met CMMC Level 2 requirements within 9 months
- Quick fixes to high-risk areas minimized threats
- Employees embraced new processes, ensuring sustainability
Capabilities Demonstrated
CMMC Level 2 Compliance Roadmap (NIST 800-171), Modernizing Outdated IT Systems, Secure Cloud Adoption for Critical Operations, Staff Training & Cybersecurity Awareness, CUI Scoping & Protection