Electronics Manufacturer Retains Sales and Gains Crucial Knowledge through One-on-One Cybersecurity Coaching
Company Profile
Founded in 1999 by Frank Nichols in Vancouver, Washington, Silicon Forest Electronics is a full-service electronics manufacturing services company. They provide prototyping and full-turnkey production services for a wide range of customers in the medical, defense, aerospace, unmanned systems, industrial, and instrumentation sectors. The 85-employee business has won multiple industry awards and numerous regional business awards.
Situation
The industries in which Silicon Forest operates are rife with cybersecurity risks, and the electronic components it produces for medical, defense, and aerospace companies are vital. Working with the defense industrial space and with the Department of Defense, Silicon Forest must meet Cybersecurity Maturity Model Certification (CMMC) requirements regarding practices and controls to protect the defense industrial base from complex cyberattacks. The current standard is CMMC 2.0. After Impact Washington received a Department of Defense grant through the Washington State Department of Commerce, Impact Washington identified Silicon Forest as a potential participant. The company applied for the assistance in November 2020, receiving $10,800 in funding, which covered 64% of the cost necessary to pay for coaching to close any priority gaps.
Solution
The relationship between Impact Washington, part of the NIST MEP National Network, and Silicon Forest Electronics is a longstanding one. Silicon Forest and Impact Washington belong to many partner organizations in the defense and aerospace sectors, such as PNAA (Pacific Northwest Aerospace Alliance) and PNDC (Pacific Northwest Defense Coalition, which opened the doors for a successful partnership surrounding the Department of Defense grant.
As a Department of Defense (DOD) contractor, Silicon Forest Electronics needed to ensure its systems complied with the new NIST Special Publication 800-171 requirement for protecting controlled unclassified information in non-federal information systems and organizations. Working with their information technology staff, Silicon needed out-of-house expertise and support to address the government regulation, especially given the requirement's looming timeframe. The initial engagement began with a Gap Assessment, which helped interpret the guidelines, assess vulnerabilities, and execute improvements before the strict compliance deadline. Following the assessment, one-on-one coaching sessions were held from March thru May of 2021 by an external CMMC accredited cybersecurity expert.
Results
The partnerships described above proved successful on several levels. Most quantifiably, the cybersecurity coaching allowed Silicon Forest to retain $20,000,000 in related sales. The work also improved Silicon Forest's experience in cybersecurity implementation when cyberattacks are on the rise and becoming increasingly complex. Silicon Forest's IT champion for this effort is Matt Smith. He continues to engage with Impact Washington to grow his cybersecurity knowledge by attending monthly Cybersecurity Forums offered by Impact Washington and PNDC. Matt's knowledge allows him to continue leading Silicon Forest's cybersecurity journey.
“Impact Washington was instrumental toward assessing where we are on the ever-changing CMMC Compliance Landscape,” Matt Smith, Systems Administrator