Cybersecurity Compliance

Business Speak

Today’s challenges with keeping up with compliance policies, standards, rules and laws can be exhausting.  Especially when you are trying to prepare your organization for the CMMC compliance (to do business with the U.S. Department of Defense) and or any other government agency.    Preparing yourself for these compliance and checklist can cause some anxiety and apprehensions. 

We meet with Dan Foote who shares with us how he is rolling out a cyber investigation service to bring clients compliant and what you need to know. 

 

Foote

 

 

Video Transcription

Harry Brelsford  0:24 

Okay, we're friends. Hey, SMB Nation. I'm with Dan the Man. How you doing?

Dan Foote  0:36 

Well, how about yourself?

Harry Brelsford  0:38 

I like that Dan. I am up here in Anchorage, Alaska just because of just because grew up here as a kid. And here, here I am. what's the what's what's the world with dad right now as we start to go into q4 and wrap up the year

Dan Foote  0:52 

For the q4 for DanTech services. We're starting to roll out a cyber investigation service to bring clients into compliance whether it's HIPAA, what got us going down this track is a client that has to be cmcc. MC qualified to 71. Department of Defense. Yep, yep, it is a monster. It is an absolute monster. The first set of sheets is like 17 work pages.

Harry Brelsford  1:28 

And how many of you, let's talk about that, because some of the vendors in the world of SMB nation have targeted at all the way from Connectwise down to I'm going to forget the others, but several, raise their hands. And we want to have that conversation. I think Rapidfire tools is done that that's your system where you So talk to me. What's the story?

Dan Foote  1:47 

 Well, it's actually a two component system. One is the cyber Hawk side, which scans networks and looks for looks at the machines on the network, the network itself, the devices on the network, and basically does an assessment on all of those, which there they are really good.

Harry Brelsford  2:10 

Oh, yeah, absolutely.

Dan Foote  2:12 

And then they have a compliance manager, which is another layer on top of this, that, depending on what you select, you can do cyberinsurance audits, you can do. You can do cmmc, there is literally a laundry list of different sections that you can check off. And you can actually do multiples, because there are companies that need to be met, you might want your cyber liability insurance to be in line with your HIPAA audit or your cmmc audit. And it is intense. It is grueling. Yeah, I've got a

Harry Brelsford  2:59 

man with no names, what kind of either what client Do you have or clients who you're targeting? Let me frame that up. For those that don't know, you know, we're from Alaska, we traded places, actually, I moved to Seattle, he moved to Alaska, and we waved at each other. But Alaska's economy, I wouldn't say this one's got a huge public sector, it's got a huge defense sector with the basis. I don't know if it's over 50% of the economy, but it's a big part of the economy, government. So there's going to be contractors that have to support that. And now you can answer my question, Who are you serving? Or who are you targeting with CMMC.

Dan Foote  3:38 

Right now, we're working with one company that, you know, you got to learn this stuff, some ways. And so we have an engineering firm that we're working with, that has some does subcontract and work for some DMV contractors and they have to fall under the same restrictions as the actual primary contract. And so we're wrapping up in that direction. My cybersecurity Tech has just received his master's here recently I think that man Yeah. So he we were actually sending him to a class here shortly to that will take him through this whole process so that we can get him certified. But it is admit as a very involved and there's it's like 110 point system or something. Yeah. And you have to check off every single box tonight.

Harry Brelsford  4:40 

Nutrisystem check.

Dan Foote  4:43 

109 doesn't cut it. It's all 110. Yeah, so it's really expensive. So I'm apprehensive and expected all at the same time. You know, it's that mix between anxiety and The expectations so that this is a revenue generating

Harry Brelsford  5:08 

holiday every day. You think outside the border, you travel extensively, especially when we're allowed to travel, see the shows. So I'm assuming that it's going to be that you're already thinking ahead beyond Alaska's borders. I mean, that's kind of how we're

Dan Foote  5:26 

we're looking at that we were going to be involved with a conference here in a couple months. Unfortunately, that's been canceled now. But our goal there was to actually introduce a product, that to a number of businesses, that is basically a infrastructure in a box, actually, it's called unbox. And it's, it's built by Cisco.

Harry Brelsford  5:50 

 Yeah, that guy. Yeah.

Dan Foote  5:53 

And they have a really good system that can be virtually plug and play, and allows us to build a structured secure network. And, you know, when we're talking about Rapid fire tools, and being able to do external assessments, if you don't have holes punched in the firewall to get something on the inside. You might see the IP address there. That's it. Yeah. You can't see anything. Yeah. So it's it is it's like a blank wall, which is a lot better than most firewalls of any other type. Yeah. So we're very pleased with working with that. Well, they've been fantastic. I'm

Dan Foote & Harry Brelsford  6:36 

reminded the gentleman's name Tom Alexander. Out of Portland, Oregon. Oh, yeah. Yeah. No, he is. Nice. Scott. Final question. So some of the morning news, we are 100 days away from Christmas, you know, they always shoot on the other side of the neck up quick. And scary. Lee is usdf here today. I believe that Cassia conference is still on? I'm gonna say it's the third week of October. in Vegas, there's been some cancellations. We've had that talk. Is that her understanding today? Would you consider going to Cassia? Because the rapid fire tools, you know, I? Maybe I consider it. It's amazing how two years ago I didn't have a single per se a product. And now I think I have five? Yeah, yeah. And I looked at my billing for the sake of each month and then just shrug my head and shake my shoulders. What do you do with that? So the products that we have with them are generally really good. Yeah. And the rapid fire tools is one of those premier Yeah, it is. It is. Yeah, some good friends over there. Yes. All right, a friend. Thanks, sir. All right. The Book of big secrets.