From DoD contract loss to CMMC Level 2 ready in 9 months — and a ransomware attack contained in 90 minutes
75-person aerospace parts manufacturer · single facility · North GA
The challenge
Where they started.
A DoD prime contractor disqualified them mid-RFP because they couldn't produce a System Security Plan. Six months earlier, ransomware via a compromised SaaS supply chain had encrypted office systems and taken Epicor down for four days. The plant network and office network were flat, so a phishing click reached the PLCs.
Specific pain points
- Disqualified from a DoD subcontract — couldn't produce an SSP or POA&M
- Plant and office networks flat; an office phishing click could reach PLCs
- Epicor ERP took 4 days to recover from prior ransomware event
- Backups protected office data but not the line-of-business ERP database
- No documented IR plan, no tabletop exercise had ever happened
The approach
What we did.
OT/IT separation came first — an attacker on the office side couldn't be allowed to reach production again. Then 110 NIST 800-171 controls were mapped, gaps closed, evidence collected. SSP and POA&M were drafted in parallel so the firm could re-engage the DoD prime as soon as the technical work landed.
What we delivered
- Network segmentation: OT and IT split with monitored, audited crossings
- All 110 NIST SP 800-171 controls implemented and documented
- System Security Plan and Plan of Action & Milestones (POA&M) audit-ready
- Immutable, air-gapped backup of the Epicor database with quarterly restore drills
- Documented Incident Response plan + leadership tabletop exercise
- Mock C3PAO assessment passed; on track for formal Level 2 attestation
- Compensating controls for legacy shop-floor Windows systems that OEMs won't certify on newer versions
The outcomes
What changed.
Re-qualified for the DoD contract within a month of completing the SSP. Six months later, a separate ransomware attempt — same threat actor pattern, different SaaS vendor compromise — was contained at the office boundary with zero OT impact and a 90-minute recovery thanks to tested backups.
- Passed: CMMC Level 2 mock C3PAO assessment
- Re-qualified: DoD subcontract status
- 90 min: Follow-up ransomware recovery time
- Zero: OT-side data loss in follow-up event
- Zero: Unauthorized OT crossings since segmentation
“We thought CMMC was paperwork. Equal Tech showed us what 'compliant' actually means — and what it costs when you're not. The night we got hit again, the response was textbook. We slept that night.”
Services involved
The Equal Tech stack behind this engagement.
Cybersecurity
Endpoint detection, dark-web monitoring, phishing-resistant MFA, and security awareness training — built for SMBs.
Network Support
Business-class Wi-Fi, firewalls, SD-WAN, VLAN segmentation, and 24/7 monitoring for offices and multi-site operations.
Server Support
Windows Server, Linux, virtualization, Active Directory, and storage — proactively monitored, patched, and hardened.
CIO Services
Executive-level IT leadership without the executive-level salary — roadmaps, budgets, vendor management, and digital transformation.
