Trusted Steps: Century Fasteners' Journey through CMMC Compliance with Trava
by Trava, Cyber Risk Management
Explore Century Fasteners' journey through CMMC compliance with Trava's guidance. Witness their commitment to cybersecurity standards and defense in this insightful case study.
About Century Fasteners Corp.
Century Fasteners faced a significant challenge in late 2017 when they received an email stating that they needed to comply with the National Institute of Standards and Technology (NIST) requirements for cybersecurity. This entailed adhering to specific requirements which proved daunting for the company's management. Despite struggling to grasp the full extent of the requirements initially, they gradually gained a better understanding through years of effort.
By the end of 2021, Century Fasteners realized they needed expert assistance to establish a comprehensive compliance program. They partnered with Trava to navigate the complexities of cybersecurity compliance and aimed to achieve a more organized and secure environment by mid-2024.
Challenges and Objectives
The primary challenge for Century Fasteners was to understand and implement the extensive cybersecurity requirements mandated by NIST and the Department of Defense (DoD). Due to their customers' line of work, compliance was crucial for maintaining existing contracts and securing future business opportunities. The company recognized the need to close the compliance gap and sought Trava's expertise to guide them through the process.
The objectives of partnering with Trava were as follows:
Establish an organized compliance program: Century Fasteners aimed to create a structured and comprehensive compliance program to meet the NIST and DoD requirements successfully.
Achieve and maintain compliance: The company sought Trava's guidance to achieve compliance and develop the necessary protocols to sustain compliance in the long term.
Obtain a letter of attestation: Century Fasteners aimed to receive Trava's assurance that they would pass an audit, demonstrating their adherence to the cybersecurity requirements.
Schedule and pass an official compliance audit: Once the company had established compliance, their ultimate goal was to schedule and pass an audit to confirm their adherence to DoD and NIST cybersecurity standards.
“We need to be compliant for contracts with the Department of Defense. They’re a very significant part our business….so that's the impetus to get on the ball."
– Rich Monahan, I.T. Dir., Century Fasteners Corp.
Trava's Role and Impact
Trava played a pivotal role in Century Fasteners' journey towards cybersecurity compliance. Trava's expertise and guidance enabled Century Fasteners to make significant progress in their compliance efforts.
The collaboration involved Trava's consulting services, with dedicated experts providing guidance on meeting NIST and DoD requirements—specifically becoming CMMC (Level 2) (Cybersecurity Maturity Model Certification) certified.
“We’re 110% focused on becoming CMMC-compliant for the Department of Defense. That's my goal, to pass an audit, and that's what Trava is helping us achieve.” – Rich Monahan, I.T. Dir., Century Fasteners Corp.
Through weekly meetings, Century Fasteners received advice, recommendations, and knowledge sharing to help them navigate the complex compliance landscape. Trava's cybersecurity experts became an integral part of the company's team, providing valuable insights and assisting in bridging the compliance gap.
“We just felt like we were treading water and not making the progress needed to pass an audit. So at the end of 2021, we started consulting with Trava. From September to December 2021, we did what they call a gap analysis. And then based on that gap analysis, at the end of 2021, we hired Trava to help us close the gap”.
- Rich Monahan, I.T. Dir., Century Fasteners Corp.
Benefits and Future Outlook
The partnership with Trava yielded several benefits for Century Fasteners:
Accelerated compliance progress: With Trava's assistance, Century has made significant strides in their compliance journey within a relatively short time. Trava will have helped Century be ready for a DoD CMMC (Level 2) audit in less than 2 years.
Enhanced cybersecurity posture: By diligently following Trava's recommendations and implementing robust security measures, Century Fasteners became significantly more secure than before. Their commitment to compliance improved their overall cybersecurity posture, safeguarding their business and customer data.
Expert guidance and support: Trava's consultants became trusted advisors and an extension of Century Fasteners' team. Their knowledge, experience, and ongoing collaboration helped the company overcome challenges and stay on track towards achieving compliance.
“I'm glad we decided to bite the bullet and chase this stuff because we're certainly a much more secure company today."
- Rich Monahan, I.T. Dir., Century Fasteners Corp.
Looking ahead, Century Fasteners plans to continue working with Trava as their trusted cybersecurity partner. The company recognizes the ongoing nature of compliance, and cybersecurity, and the need to maintain the established standards beyond the initial audit. With Trava's assistance, Century Fasteners is confident in their ability to sustain compliance and meet future cybersecurity requirements.
We can help! Talk to the Trava Team and see how we can assist you with your cybersecurity needs.