Determining the Correct Cyber Compliance Level

 

Why is it important to determine the correct cyber compliance level for your company?

Determining the correct cyber compliance level for your company could potentially save tens of thousands of dollars and months of work. It is based on the information that you receive and must protect.

If a company only receives Federal Contract Information (FCI), and they do not receive Controlled Unclassified Information (CUI):

• They only need to accomplish 15-17 foundational cybersecurity controls.
• Many companies are doing some of these already.
• In most cases, the gaps can be closed in less than a week.
• With full-time out-sourced support (the most expensive path), it only costs several thousand dollars.

On the other hand, if a company receives CUI:

• There are 110 cybersecurity controls that must be accomplished.
• It takes at least 6-18 months to complete all controls.
• It is about $100k in various expenses to close all gaps.
• There are ongoing operational costs for network security monitoring.

This is a significant business decision! In order to help you make an informed decision on the correct cyber compliance level for your company, contact Purdue MEP today.

Want to know more about Cybersecurity? Don't risk being unprepared. Purdue MEP's Cybersecurity program can be the resource you need!

 

Writer: Gene Jones, 765-496-7802, jonesew@purdue.edu