Scroll Top

Cybersecurity Project, NEAP Assessment


Located on Timberwolf Boulevard in Holland, Ohio, sits an award winning, veteran owned, rugged electronics and software developer, Electronic Concepts & Engineering, Inc. (ECE). Established in 1991, ECE built their company to offer a full range of electrical engineering services specializing in military and aerospace electronics, automotive electronic design and industrial electronic systems, whose customers today range from small, medium customers to numerous Fortune 500 companies.

To continue to work with the military and on government projects, ECE along with all companies servicing DoD contracts needed to meet Cybersecurity Maturity Model Certification 2.0 (CMMC) requirements that were announced to appear standard in all contracts starting in the fiscal year 2026. Meaning all DoD contractors needed to comply in order to bid on work.

ECE was looking to secure and maintain a Level 3 CMMC certification under these new regulations, which includes obtaining NIST 800-172 APT compliances, along with being complied with Level 1, and Level 2 requirements.

To maintain and reach these new certifications, Electronic Concepts & Engineering, Inc. contacted CIFT, an MEP partner with a unique position of manufacturing experts and resources immediately available to guide companies through the NIST and MEP programs, including the new CMMC 2.0 requirements.

CIFT introduced TechSolve, a fellow Ohio MEP Partner who is an expert in helping DoD contractors work towards CMMC compliance, to assist ECE with putting a plan in place to reach CMMC Level 3.

“Bill Hoyt – IT and Engineering – TechSolve and Joe Anderson was a fantastic resource and we greatly appreciate Ohio MEP in helping facilitate our connection!”

Techsolve first needed to perform a cybersecurity risk assessment to determine where the company was in accordance with the new Current Maturity Model Certification program 2.0 requirements, so as to continue as a certified supplier.

These assessments included – reviews of current documentations, plan of action, SSP, security tools, regulatory and industry risks, a file, storage, encryption review, SER, along with a disaster recovery plan and incident response plans among others.

TechSolve reviewed and assessed ECE’s current data marking procedures, and worked with ECE to refine

and improve the documentation, data classification and role-based access control (RBAC) documentation, to ensure that ECE has an optimized data classification process that will be based on the principle of least privilege. It also defined which roles would have access to which types of data and any remediation. Remote and in-person training for ECE employees was also provided.

ECE retained $100,000 of sales, with $300,000 in increased sales, with compliance of the new certifications and regulations along with saving $12,000 invested and provided avoidance of $5,000 in additional unnecessary investments.

CIFT’s manufacturing team will help guide your company through this entire process. The end result will be continued and uninterrupted business with the DoD under the mandated CMMC 2.0 requirements, including assessment through compliance.

Related Posts