Jeff Westeman has been sounding a warning bell for years about new cybersecurity standards for businesses that have federal contracts with the U.S. Department of Defense.
President and owner of Black Anvil, LLC, Westeman said a lot is at stake for area companies that do business with the Defense Department. At issue is CMMC — Cybersecurity Maturity Model Certification.
“If you don’t meet those requirements, you don’t get a federal contract. Period. We’re going to start losing jobs,” Westeman said.
Westeman started Black Anvil in 2015 after working almost 25 years at Triumph Structures Wichita. Triumph was Excel Manufacturing when Westeman began his career there, and it had about 18 employees. By the time Triumph Group bought the company in 2006, Westeman said, there were about 200 employees.
“In a small company, you wear a lot of hats,” Westeman said. “I kind of became a problem solver for the company. The joke was I was the director of stuff. I just did anything that needed to be done that no one else was doing.”
Now, Westeman works with small businesses to identify what they need to do to comply with cybersecurity standards and to provide direction on implementation.
“When I started seeing the requirements, I thought to myself, we’re going to lose jobs if we don’t start taking this seriously in Wichita. I just dove into it and tried to become as educated and knowledgeable about it as I could so I could help small businesses,” he said.
Westeman said Black Anvil is working with about a dozen companies at different levels.
“At Triumph, I was responsible for the company’s compliance to ITAR (International Traffic in Arms Regulation),” he said. “This is a U.S. government regulation for companies performing work on defense contracts. About 70% of our work was defense-related. We actually manufactured over 50% of the airframe for the Blackhawk helicopter. So, we had very strict requirements for security in the company, including cybersecurity.
“When the new NIST 800-171 requirements came out in 2016, I realized that a majority of the security measures I was responsible for at Triumph would be required at all the small businesses that were my clients, and most of my clients didn’t have the resources to implement them. My goal was to become Wichita’s expert on the subject. To provide companies with a cost-effective solution to assess their compliance to the new standard, I created a proprietary tool to analyze their current state and compare it against the requirements. The tool then identifies deficiencies and generates a detailed action plan for the company to drive implementation of solutions to close those gaps.”
Westeman started working out of Groover Labs this year.
“I like the vision of what they were wanting to accomplish — creating an ecosystem and a community where we could all help each other solve different problems and help Wichita sustain and grow jobs,” he said.