Sealevel addresses security concerns from device, location and cyber perspectives. The security team at Sealevel has completed our NIST 800-171 self-assessment and published specific documents including a Cybersecurity Policy, System Security Plan and a Change Control Document for NIST 800-171. We are continually evaluating and improving our anti-virus and Data Loss Prevention solutions as well as our network security. Sealevel is actively working to achieve NIST 800-171 compliance.
About NIST 800-171
NIST 800-171 is the National Institute of Standards and Technology Special Publication 800-171. The publication includes standards and guidelines to protect controlled unclassified information (CUI) – potentially sensitive information not regulated by the federal government. Using NIST 800-171, each government agency must follow guidelines for handing CUI. There are 14 security requirement families:
- Access Control
- Awareness and Training
- Audit and Accountable
- Configuration Management
- Identification and Authentication
- Incident Response
- Media Protection
- Physical Protection
- Personnel Security
- Risk Assessment
- Security Assessment
- Systems and Communications Protection
- System and Information Integrity
The U.S. Department of Defense created the Cybersecurity Maturity Model Certification (CMMC) as a standard to protect controlled unclassified information (CUI) that is handled by contractors. These contractors come from many industries, including but not limited to defense, finance, law enforcement, aerospace, exports, legal, immigration and infrastructure. Contractors desiring CMMC compliance must be audited by a certified CMMC Third-Party Assessor Organization (C3PAO). The auditor will search for any security weaknesses, and contractors have 90 days to resolve them. Certification is valid for three years. There are five certification levels and each higher level incorporates the security standards of the prior level:
- Basic Cyber Hygiene
- Intermediate Cyber Hygiene
- Good Cyber Hygiene
Within its five certification levels, the CMMC builds on and includes all NIST 800-171 guidelines as well as other cybersecurity standards and guidelines recognized by the DoD.
Mission Critical Military Applications
For over 30 years, Sealevel has exceeded the expectations for every major US and Allied military contractor including Northrop Grumman, Raytheon, BAE, Boeing, L3Harris, General Dynamics, NAVWAR, NAVAIR and SOCOM.