05 Mar Credible Solutions for SIEM Chaos are Few for Small- to Mid-Size Contractors and Subs
Around one percent of the world’s gross domestic product (GDP) per year is lost to cyber theft. Federal agencies and large contractors expect dispersed cybersecurity responsibility because the weakest link in a chain can expose cloud data or access to digital infrastructure at the highest levels. In the government spending area, this is especially worrisome. As a result, the DoD has formally required different Cybersecurity Maturity Model Certification (CMMC) levels for various business relationships. Whether you make custom wool caps, manufacture UAV parts, or offer engineering consulting services, all businesses that do work with the government will have to comply to compete. Who will face the most stress? The answer: small- or mid-size businesses with the most limited resources and meager efforts currently focused on cybersecurity.
The need for more efficient cybersecurity monitoring predates the nudge. We are one of the few companies who answered the need before CMMC was even announced, with the development, deployment, DoD approval, and NASA adoption of our MARS Suite continuous monitoring software solution.
From a business owner’s perspective, there is a positive aspect to the announcement of new CMMC standards. Most companies could use a cybersecurity overhaul for their own good anyway. And now, creating security goals will be less of a guessing game—if businesses can choose reputable products and partners who have a handle on their assets from the outset.
CMMC is on a phased rollout that will be applied to all DoD solicitations and contracts by October 2025. Feel unprepared? You are not alone. Small to midsize businesses, especially, will need help meeting new requirements. So, what are the big-picture issues to address beyond CMMC checklists?
Focus on Asset Hierarchy, Monitored in Real Time
Regardless of current spending levels, most Security Operations Centers (SOCs) or in-house IT departments are staffed by competent professionals, but they fall into the “rational actor” trap. Each new zero-day attack justifies a scramble down a hypothetical rabbit hole that may not be appropriate to their bigger challenges. This is compounded by the fact that they do not have access to aggregated data that forms an accurate picture of ranked security assets, enterprise wide. They spend time solving problems, but not always the right problems. Meanwhile, seemingly innocuous network devices can expose critical assets to threats.
Focus on Measurable Improvements Over Time
How does your cybersecurity team judge success or improvement in a way that makes sense to senior executives, decision makers, and technical teams? Most SOCs are not able to corral their data or receive performance feedback. Again, they fall into the trap of working hard without reference to meaningful goals. Separate point solutions for asset, threat, vulnerability, and incident management make it more difficult to see a clear picture of the environment.
Cost and Fit
Finally, the Security Information and Event Management (SIEM) software solutions on the market for defense companies are prohibitively expensive and resource-intensive to operate. They largely ignore “the other 290,000 companies;” small to mid-sized businesses are left out.
MARS Suite was created to serve the aforementioned needs. It is a cyber continuous-monitoring software product that gives clients a common operating picture of what we call a “risk economy” and how each action affects vulnerabilities. Our work with NASA and MDA with network infrastructure, IT, cybersecurity, and software development gave us unique insights into what is expected of mid-sized primes and subs at the highest level of security. We partnered with Mission Multiplier, a rising cybersecurity firm in Huntsville that had the vision to appropriate cost-saving, open-source code in rolling out a commercially available product. The product was tested in our All Points cyber lab. We developed “grades” that allow comparison across business units and over time. This gives every unit a tangible goal, stemming from a common operating picture.
In the context of a formal mentor-protégé partnership, All Points and Mission Multiplier formed a joint small business venture, Mission Innovate, to develop and manage the product. We invested aggressively to make sure that the product was DoD JITC approved and NSA NIAP tested. NASA’s Marshall Space Flight Center currently relies on MARS Suite for SIEM—there is no higher vote of confidence in our industry. In 2020, our software became commercially available at a yearly subscription cost commensurate with the amount of data managed.
Fit for the Moment (and the Future)
As you can imagine, almost anyone who can concoct a solution for CMMC compliance will try. That is why the CMMC accreditation body created the Registered Provider Organization (RPO) designation. These entities are deemed credible sources of Gap Analyses and overall recommendations. Not only is MARS Suite recommended by third parties after Gap Analyses, but All Points and Mission Multiplier are both RPOs.
Being active in the industry gives us insight into updates and allows us to anticipate how CMMC will evolve—a real benefit to our customers. Our MARS Suite service includes pre-configured hardware, helpdesk access, and ongoing tech support. Businesses can rest assured they are receiving cybersecurity that reflects rapidly evolving trends beyond compliance.
CMMC Level 3 requires 130 controls for compliance. DIY SIEM is neither cost-effective nor worth the risk of jeopardizing business. MARS Suite is one of the few DoD-approved SIEM options priced for small and mid-sized businesses. It immediately accounts for 20-30 controls and gives you a common operating picture for the future.