Cyber Assessment and Readiness (CAR)

Our solution will:

  • Provide a comprehensive assessment of your gaps with NIST SP 800-171 and current CMMC 2.0 guidance
  • Develop a plan to demonstrate compliance at the lowest possible cost
  • Provide added protection against breaches and malware
  • Train your staff how to practice good cybersecurity
  • Provide evidence for customers and regulators to prove you take cybersecurity seriously


You Get the Complete Solution

  • Annual risk and gap assessment – we find the gaps between your company and NIST SP 800-171/CMMC, and help you address them.
  • High Value data inventory – High Value datasets that need elevated levels of security controls
  • Third party vendor assessments – review each tier of the supply chain for appropriate security controls
  • Train your users on common cybersecurity mistakes – monthly training videos that are reviewed on demand.
  • Detect suspicious activity – analyze firewall logs for indications of an attack.
  • Secure computing – Review system configurations for alignment with industry best practices.
  • Secure mobile devices – checklists and tests to make sure your smartphones and tablets are configured properly.
  • Incident response tests – quarterly phishing campaigns that will test how your employees will behave if targeted.
  • User security tests – quarterly reviews with users to confirm that your security controls are maintained.
  • Find the vulnerabilities before they are exploited – quarterly scans of your high value systems and of your enterprise.
  • Monitoring for suspicious changes – on-going monitoring of your network and DNS records to identify potential threats.
  • Executive cybersecurity briefings – semi-annual reviews of your security plans and outline current ongoing risks.
    CAR logo

Cost and Purchase Options


  • CMMC Readiness Assessment

This assessment, a series of predefined questions about the current state of their organization’s security controls, will be done through a survey that ITSC will provide. The analysis of the assessment is a spreadsheet highlighting where there are gaps in security controls for CMMC levels 1-3, depending on a predetermined level.

Cost: $1,500 | CMMC Levels 1-3



  • COMPACT Deliverables +
  • Dashboard with findings explained
  • Plan of Action and Milestones (POAM) with remediations
  • Review of current ISPs and SSPs
  • Security Policy Templates

Cost: $7,000 | CMMC Level 1



  • ECONOMY Deliverables +
  • INTERIM RULE Deliverables +

Cost: $9,000 | CMMC Level 1

  • 17 Practices

Cost: $25,000 | CMMC Level 2

  • 110 Practices aligned with NIST SP 800-171



  • INTERMEDIATE Deliverables +
  • Virtual Chief Information Security Officer (vCISO)
  • Hands off autonomous option providing the highest level of service

Cost: Call for a customized quote | CMMC Levels 1-3


CAR Package Add-On


  • DoD Interim Rule Assessment
  • Review of current ISP and SSP
  • IT Security Policy Templates

Cost: $3,750


For more information email

Cybersecurity Training – Cyber Awareness & Training (CAT)

Provides cyber awareness and training in the following areas


  • Cyber Hygiene Basic
  • Phishing
  • Controlled Unclassified information (CUI)
  • Physical Security/Device Management


  • Threat Management
  • Advanced Cyber Awareness
  • Secure Architecture
  • Initial Cyber Forensics
  • How to Build a Security Operations Center (SOC)
  • Incident Response
  • Risk Management
  • Vulnerability Management Best Practices
  • Penetration Testing
  • COOP/DR Planning


  • Red Teaming
  • Artificial Intelligence (AI) Discovery and Automation
  • Advanced Threat Analytics and Incident Recovery
  • Enhanced Insider Threat Programs


For more information email


Virtual Chief Information Security Officer (vCISO)

ITSC provides adaptive vCISO solutions that fit SMB enterprises.


For more information email


ITSC Virtual Security Operation Center (vSOC)

Flexible Security for Any Architecture


For more information email


Virtual Incident Response (vIR)


For more information email