About Nautilus Cables  

Founded by Bob Conners, Nautilus Cables is a custom cable manufacturing business based in Rosenberg, Texas, that serves the Defense, Hydrographic, Seismic, and Energy industries. Its specialty lies in producing customized electro-optic cables and armored fiber optic cables. Notable customers of Nautilus Cables include the US Naval Undersea Warfare Center, the Applied Research Laboratory at Pennsylvania State, and the Defense Logistics Agency.  

‍

Story Highlights

• Motivation for Compliance: Nautilus Cables had heard about NIST 800-171 cybersecurity requirements over the last few years. The company decided to become compliant in 2022 for two major reasons.  
• Defense Industry Trends: Nautilus Cables has served the defense industry for nearly 30 years. In recent years, the company has noticed a shift from ITAR compliance to NIST 800-171.  
• Nautilus Cables' Path to Compliance: The company tried to address compliance in-house and then used IT Managed Service Providers before onboarding to Atomus.  
• Nautilus Cables' Experience with Atomus: The company has had a great experience with Atomus and has made a number of recommendations to other small businesses.    

The Motivation for NIST 800-171 Compliance  

With experience in the defense industry spanning nearly 20 years, the company's management had witnessed the growing need to adhere to stricter DoD cybersecurity requirements. Nautilus Cables was formed 3 years ago and, in the past, had only been required to be ITAR compliant, which the company managed internally. However, with the increasing demand for NIST SP 800-171 compliance, the company realized that enlisting a third-party service would be necessary. The two main driving forces behind this decision were:  

1. To Bid on Contracts - For almost 2 decades, the company's management has successfully bid on the same contracts without any issues. The latest solicitation reclassified the technical information required to bid on a contract as Controlled Unclassified Information. Consequently, the Department of Defense required all prospective bidders to comply with NIST 800-171 to access said data and bid on the contract. Fortunately for Nautilus, they had a plan with Atomus to become compliant before they found themselves at risk of missing out on an important contract opportunity. However, of Nautilus Cables' 2 other competitors on the same contract, one competitor - who previously held the multi-year contract being bid on - couldn't participate due to their lack of compliance, effectively giving Nautilus a competitive advantage and a greater chance to grow their defense business.  ‍

2. To Get Access to Industry Groups - Despite working on a project with a major prime for an industry conference, Nautilus Cables encountered an obstacle when joining the Undersea Technology Innovation Consortium (UTIC). Joining UTIC was critical to Nautilus as UTIC is a key hub for various programs in which the company is involved. But recently, UTIC mandated all its members to be NIST 800-171 compliant due to the Controlled Unclassified Information discussed in many of their meetings. Without this compliance, Nautilus could not present at or attend important industry gatherings.  

Defense Industry Trends  

In the Defense industry, Nautilus Cables was under increased scrutiny regarding DFARS 7012 and NIST SP 800-171 cybersecurity requirements. Previously, the company only needed to meet ITAR compliance standards, which seemed simple and straightforward compared to NIST SP 800-171.  

However, DFARS 7012 was far more complex and beyond the scope of its capabilities without partnering with an external organization. Unfortunately, newly classified Controlled Unclassified Information (CUI) meant that access to the exact drawings they'd accessed since 1998 was now restricted - raising potential roadblocks to future contracts and expansion opportunities in the defense space for Nautilus Cables.    

Nautilus Cables' Path to Compliance  

Nautilus Cables knew that meeting the NIST SP 800-171 cybersecurity standards by 2022 would be necessary for their success, so they set out to create a plan of action. Their journey had obstacles and blocks, eventually leading to Atomus as their ideal solution.  

1. Approach Internally - The team first tried to become compliant using internal resources. While the company was able to adapt some policies and procedures in the employee handbook, it realized that the cybersecurity requirements would require external help. Therefore, they began looking for a partner to do the heavy lifting to ensure success.  ‍

2. Work with IT Consultants - Nautilus Cables then tried working with local IT consultants but found the traditional IT consultant approach challenging for two reasons. The first was that companies would offer guidance to Nautilus Cables and tell them how to interpret the NIST 800-171 cybersecurity standard but could not implement it. Nautilus Cables was looking for a solution that wouldn't just tell the company what to do but be by Nautilus Cables' side from start to finish while accomplishing all the heavy lifting to guarantee compliance. This situation resulted in high upfront costs without a clear understanding of the next steps or the total cost required to achieve full compliance. ‍

3. Work With Atomus - Finally, Nautilus Cables came across Atomus. Atomus specializes in small businesses in the Aerospace and Defense industry that have NIST SP 800-171, DFARS 7012, and CMMC cybersecurity requirements. This specialized approach sets Atomus apart from other vendors that offer cybersecurity solutions across a broader range of industries. Unlike other vendors, Atomus not only advises customers on how to achieve compliance with these requirements, but also by implementing, monitoring, maintaining, and documenting the necessary controls. Additionally, Atomus offers a clear onboarding plan with a fixed cost and timeline, which sets it apart from competitors.

The Atomus Experience  

After being fully onboarded, Nautilus Cables has been extremely satisfied with choosing Atomus as a solution for NIST 800-171 and DFARS 7012. In the words of Bob Conners, "Nautilus Cables has been extremely satisfied with their experience working with Atomus because, simply put, it works." He describes Atomus as "cybersecurity and compliance in a can for small businesses," highlighting that it delivered exactly what was promised and on a quick timeline.

Nautilus Cables also stated that the onboarding process was very smooth. Atomus was punctual and productive, and Nautilus Cables developed immense trust in Atomus. This trust has been a crucial component of their relationship. As a result, Nautilus Cables has already recommended Atomus to other small businesses that need to comply with NIST 800-171, DFARS 7012, and CMMC cybersecurity requirements.  

"Nautilus Cables has been extremely satisfied with their experience working with Atomus because, simply put, it works."  

Bob Conners  

Owner of Nautilus Cables