Medical Device Testing White Paper 2023
Medical device pen testing plays a crucial role for healthcare organizations to ensure patient safety and to protect sensitive data.
Read article
Praetorian Secure is proud to be a pre-qualified Vendor for the Michigan Defense CyberSmart Program (MEDC)
&
INTRODUCTION
The Michigan CyberSmart Program was created to help Michigan businesses with their Department of Defense (DoD) cybersecurity compliance. This program was also designed to help save our nation’s federal supply chain—and your business.
Praetorian Secure and The Michigan Defense Center (MDC/MEDC) are dedicated to supporting SMB’s throughout the State of Michigan by providing grant funding and cybersecurity services for NIST 800-171 and CMMC compliance up to the amount of $22,500. This grant was designed to address any deficiencies in IT infrastructure, and to help Michigan SMBs become fully compliant with DoD cybersecurity requirements.
Praetorian Secure is a qualified vendor and we are looking to assist local Michigan businesses with this fantastic initiative that is sponsored by the State of Michigan and as part, we are doing our best to put the word out to the masses and help offset compliance costs.
THE PROCESS IS SIMPLE
Phase 1
- Apply for your Standardized NIST 800-171 Gap Analysis at a pre-negotiated cost of 1,500
- Start your application process here
- Begin your application by clicking the Apply Now” button on the Bid Targeting System (BTS) Website
- Fill out Business contact Info
- Under Vendor Preferences find Praetorian Secure in the list and select the check box next to our name (Praetorian Secure)
- Submit the registration for the Michigan Defense Center’s Cybersecurity Compliance Program
- Now we will be assigned as your vendor, and we can conduct a standardized Gap Analysis for your company
- Once the Gap Analysis is completed, we will provide your company with the information needed to complete your POAM and SSP (helping you get one step closer to NIST 800 and/or CMMC compliance)
- Also, we provide the info needed to register and submit a SPRS score to the federal Supplier Performance Risk System (SPRS) if needed
- Link to SPRS Quick Entry Guide for NIST 800-171 here
Phase 2
- After completing Phase 1 Gap Analysis the next steps are as follows:
- Work with us to develop a Scope of Work (SOW) and Line-Item Budget
- Have us (your vendor) submit the SOW to the Michigan Defense Center for review
- Before the grant money can be received you will have to pay 25% cost matching commitment of the total value of SOW
- Once approved the project will begin and we will complete it in a timely matter (agreed upon in SOW)
- When completed the grant funding covering 75% of the proposed SOW budget will be distributed to your selected vendor directly by the State of Michigan to pay for most of your project
Additional Info
- Michigan Defense Remediation Grant – Max project price must be equal to or less than $30,000
- 75% cost match up to $22,500 total to remediate and cover consulting fees
- Must pay 25% or $2,500 max. upfront to receive the secondary funding from the state
- Your company needs to submit proof that you are an existing DoD prime contractor or subcontractor to be eligible for grant funding
- Must verify your an actively doing business with the DoD
- Easiest way to verify this is to get a written letter from prime/sub that states they are currently doing business with your company
WHY CHOOSE US
- Compliance Experts
We have worked with many companies since 2009, varying in size, successfully reach compliance in NIST, CMMC, DFARS, HIPAA, etc. - Simplified Process
Our experts make the complex process and technical aspect of compliance easy to digest for anyone and everyone. - Customer Satisfaction Guaranteed
A major component of our businesses success and culture is based on client satisfaction and feedback. We strive to make compliance a sensible process. A process that you can understand the reason behind why you should do it and not just blindly follow it because it is a business requirement.
DOWNLOAD OF CMMC 2.0 CYBERSMART PROGRAM GUIDE
WHAT CLIENTS SAY
DS Digital Consulting
Director
“The Praetorian Secure team is outstanding. They treat Penetration testing projects like a partnership, working hard to protect patient and researcher data on all projects. They are easy to collaborate with, providing in-depth analysis, reporting, and guidance. We highly recommend them!”
Quantix, Inc.
Senior Account Executive
“Their team is great to work with and they truly care about partnering with their clients. They clearly have the experience and expertise to solve your cybersecurity and compliance challenges. Their services are second to none and include application security, consulting, testing, training, compliance and third-party risk management. I would definitely recommend them!”
United Health
Director office of Information Assurance and Compliance
“Praetorian Secure was a knowledgeable and experienced component in our operation that provided expert services. Their professionalism and dedication to purpose in our critical solution was a necessary component in our overall success, a job well done.”
USMA
Associate Dean of IT & Education
“They provided professional and dedicated services that demonstrated their expertise with the DIACAP process. A true pleasure to work with.”
MetLife
VP and Program Lead
“The skilled security professionals at Praetorian Secure were key members of the project team. Their insights and knowledge, around government security requirements, were essential ingredients to the success of the program.”
MetLife
President of Americas IT
“I have worked with Praetorian Secure and would highly recommend this group of security professionals. My company engaged with Praetorian to enhance our systems security to meet the requirements of a large scale government contract. Praetorian brought a team of highly skilled and experienced professionals to our project and guided us to success.”
Qmatic
VP of Operations
“Praetorian Secure has been instrumental in our efforts to achieve DIACAP accreditation. As a technology provider, we must undertake the task of ensuring our solutions meet the security requirements of the Department of Defense. With Praetorian’s expertise in this field, they have been a key partner in moving this process forward.”
MSU
PCI Compliance Officer
“I have been working with Praetorian Secure since last spring and I have been very happy with them. They were agreeable to working within the constraints of our industry sector and to help develop a package of services that met our needs and fit our budget. Their staff is filled with experts who brought their experience in diverse market segments to bear in our organization, delivering a big bang for the buck that went beyond our expectations. They worked hard to understand us, so they could give us not just what we wanted, but what we needed as well.”
Xerox
Division IT Compliance Lead
“I had the opportunity to work with Praetorian Secure on a very large project for a Fortune 100 company. Praetorian demonstrated an array of expertise providing guidance in the areas of DIACAP, NIST, and PCI. Integrity was a constant in every engagement with Praetorian. I would highly recommend their services and personally look forward to the opportunity to work with them again.”
Points Of Light
Director of Recognition
“The resources, insight, and expertise we have received from Praetorian Secure is exactly what we needed as a non-profit organization (NPO) trying to achieve NIST/RMF compliance with a government agency. We would not have been successful, or had the capacity or knowledge, to be able to complete the major task at hand without them.”
POINT OF CONTACT
BRENT BERNARD
Co-Founder of Praetorian Secure and P.O.C. for compliance related projects.
If your looking to gain valuable insight into your compliance project and how we can assist Brent is your guy. He is well verse across all verticals but he has been working in compliance for over +20 years and is no stranger to the rules and guidelines of NIST, CMMC, HIPAA, etc. If you have a question related to anything compliance or about an upcoming project, Brent would be happy to assist you.
Call (248) 953-3853 or email at brent.bernard@praetoriansecure.com
FROM OUR BLOG
Implementing A Zero Trust Architecture
Guide to Implement a Zero Trust Architecture. Using a zero trust security model can enhance your cybersecurity & protect assets from threats.
vCISO vs GRC Software
Make a decision between a vCISO vs GRC Software can be difficult at first. Our goal is to help simplify that for you…
vCISO Flyer 2023
A vCISO resource fills the gaps in your existing workforce. Some benefits of our vCISO are scalability, reliability, and zero turnover…
DCRI Client Video – Praetorian Secure
Praetorian Secure works with client from all industries including educational institutions and clinical health organizations such as DCRI…
Virtual CISO Program Overview
Need extra support with your cybersecurity objectives? Download Our Virtual CISO program overview to better understanding how we can help.
CMMC Made Easy
CMMC Made Easy Looking to learn more about CMMC?Learn how to be compliant with CMMC 2.0 in the quickest and easiest way possible. This is a made easy guide for government contractors and 3rd party sub-contractors. Please enable JavaScript in your browser to complete this form.Name *FirstLastCompany Name *Business Phone *Email *EmailConfirm EmailNameDownload CMMC Made…
Complete guide to NIST 800-171 Compliance
Learn how to handle your NIST compliance requirements with our complete PDF guide for NIST 800-171. Download the PDF today to get started.
CMMC Compliance PDF 2023
CMMC Compliance PDF 2023 Looking to find out what services we offer?Download Our CMMC 2.0 Compliance PDF overview. This can help your team determine if our CMMC program offerings would be a good fit. Just fill in your info below to gain access to this exclusive content via a link sent directly to your email.…
HIPAA Compliance PDF 2023
Our HIPAA Compliance Service pdf provides insight on whether or not our compliance experts can help you solve your current requirements.
Pen Testing Services PDF 2023
Download Our Pen Testing Service pdf to determine if your organization could benefit from deploying one or more of our pen testing services.
HIPAA Compliance Checklist
Download out HIPAA Compliance checklist to find out if your organization is up to par with the compliance requirements. If not we can help…
Public School Dilemma: Lack Of Cybersecurity Is A Threat
The US public school system is facing a growing cybersecurity crisis that is not going anywhere without a smart and efficient solution…
Anonymous Clinical Research Institute – Client Success Story
We helped DCRI secure their web application by pen testing to ensure no vulnerabilities were present when the app went to final production.
Protecting SMBs in Michigan & Florida
Protecting your SMB in todays landscape can be tricky. Investing in security is the best way to overcome this. Schedule a Gap Assessment…
8 Best Practices for CMMC Compliance
CMMC 2.0 is part of an increased effort to promote the adoption of CMMC best practices for DoD operations.
A Brighter Cybersecurity Horizon – Praetorian Secure
A Brighter Cybersecurity Horizon – Praetorian Secure
Cybersecurity Service Brief
Cybersecurity Service Brief Looking to find out what services we offer?Download Our 2022 Cybersecurity Service Brief. It covers the general services we offer, markets we service, showcases some of the past customers we have done business with and more. Just fill in your info below to gain access to this exclusive content via a link…
Vulnerability Assessment vs Pen Testing
Multiple regulatory compliance requirements have made changes as of late that involve adding Penetration Testing to be performed on an organizations environment. With this added requirements comes added complexity…
Building an End-To-End DevSecOps Pipeline: AWS
In part 3 we cover general tools, services, architecture, and methods used to create a DevSecOps pipeline in AWS (Amazon Web Services).
Building an End-To-End DevSecOps Pipeline: Microsoft Azure
In part two, we will discuss building a secure DevSecOps Pipeline using the Microsoft Azure DevOps family of products and services.
Building an End-To-End DevSecOps Pipeline: An Overview
When building a DevSecOps Pipeline integrate security into the SDLC. improve development speed and security simultaneously…
SAST vs. DAST vs SCA: Which Application Security Testing Method Works Best?
Every testing tool and method used will have advantages and disadvantages including DAST, SAST, SCA, IAST and any other application security testing (AST) method. As your trusted experts, we will gather all the info we need and then provide a solution based on your organization’s SDLC needs.
Another Ransomware Attack On Healthcare
Scripps Health falls victim to ransomware attack. They had to divert critical care patients. Remember to re-evaluate your cyber hygiene often…
Threat Modeling 101
The main objective of threat modeling is simple, prevent all threats from taking advantage of the system flaws in an application.
Protecting Your Critical Cyber Assets
Protect your cyber assets from cybersecurity threats. We can help you define “what is” a critical assets and design a plan to protect them.
Data Privacy Day Stay Safe Online – Downloadable Toolkit
Data Privacy Day occurs every year on January 28. The purpose of Data Privacy Day is to raise awareness to data privacy and best practices…
Cybersecurity Awareness Month Champion – Praetorian Secure
National Cybersecurity Awareness Month (NSCAM) – Praetorian Secure Joins Far-Reaching Initiative to Promote Awareness of Online Safety & Privacy Praetorian Secure commits to be a Cyber Security Champion and to promote National Cybersecurity Awareness Month (NCSAM) on Oct. 1, 2019. Furthermore, NCSAM is held annually in October. Sign up as a Champion/Partner and join…
Staying Safe on Public WiFi
It can be inevitable at times to avoid using a public Wi-Fi network. One should abide by certain practices to protect themselves from…
Mobile Security Threats
Mobile security threats or otherwise known as hidden vulnerabilities are becoming increasingly popular among cyber actors…
Small Business Cybersecurity: What You Need to Know
Cyber Security Programs for SMBs are becoming extremely common since the recent surge in attacks show criminals are choosing SMBs as the new PRIME target…
OWASP Top 10 – #8 Insecure Deserialization
Coming in at #8 on the OWASP Top 10 List – 2017, Most Critical Web Application Security Risks is Insecure Deserialization. This vulnerability occurs when untrusted data is used to abuse the logic of an application or application program interface (API).
OWASP Top 10 – #9 Using Components With Known Vulnerabilities
Next, at #9 on the list, we have the use of components with known vulnerabilities. While this might sound easy to avoid, tight time constraints might cause developers to use whatever libraries it takes to get…
OWASP Top 10 – #10 Logging & Monitoring
With the recent growth of web-based applications, it is more important than ever to keep security in mind when developing or maintaining these applications. The Open Web Application Security Project (OWASP) has a list of…
Top 5 Cybersecurity Mistakes To Avoid
As most of us know, being responsible for cybersecurity and how it is perceived by an organization can be a rather thankless task. Very seldom is our job function(s) even noticed — unless of course our job was not done properly. With the onslaught of virtualization, mobile computing…
Risk Management Framework (RMF) DoD IT Transition
Any organization familiar with the inner-workings of the Department of Defense (DoD) Information Assurance (IA) world knows that a high level of expectation goes into the adequate protection of data. Those same folks also know that very seldom is the expectation ever achieved…