Cybersecurity Maturity Model Certification for Aerol.

Aerol has a Cybersecurity Maturity Model Certification (CMMC) Level 1 assessment based on the requirements of the U.S. Department of Defense Industrial Base Cybersecurity Assessment Center (DIBCAC).

We use a Security by Design approach to cybersecurity based on prevention.  This includes providing clients with encrypted communication channels while protecting their data, designs, and intellectual property.



Justin Powell, IT Manager of Aerol, has shared some of the latest security updates we have implemented as a company. These include:

1. Replaced all network infrastructure with the latest hardware
2. Implemented security cameras within our facility
3. Upgraded to a Next-Gen Antivirus (NGAV)
4. Implemented Security Operations Center management
5. Virtualized several non-virtualized servers into an HCI (Hyper-Converged Infrastructure) cluster to improve backup efficiency and methodologies
6. Implemented a Security Event and Incident Management (SEIM) solution to detect, analyze, and respond to security threats before they harm business operations.
7. Provided cybersecurity training to all administrative-level staff. (Ninjio)
8. Implemented MFA on our VPN to add another layer of security, preventing potential hackers from gaining access to our network using compromised user credentials.

“In today’s environment, online security is essential to a company’s success,” said Aerol CEO Bill Dobbins. Implementing the highest standards of cybersecurity ensures the company’s future and the safety of our clients and their information.”

The cost of a data breach on business.

We all know the saying that time is money. This is especially true when it comes to the cost of data breaches to businesses. The average data breach cost reached an all-time high of USD 4.45 million in 2023, with the manufacturing sector being one of the hardest hit. For small businesses, it’s still an average high of $105,000.00.

According to a 2023 IBM Data Breach Report, companies take an average of 197 days to identify and 69 days to contain a breach. This lengthy time costs businesses millions of dollars. Companies that contain a breach in less than 30 days save more than $1 million compared to those that take longer.

It is also important to be forthcoming when disclosing a data breach. Companies that don’t face major fines put themselves at risk of lawsuits from consumers and independent agencies.

In addition to financial loss, customer and employee trust and the company’s reputation are damaged.

To add insult to injury, following a cyber breach, companies often need to strengthen their cybersecurity infrastructure, implement additional security measures, and train employees to prevent future incidents. These costs can be substantial and ongoing.

To mitigate these consequences, companies are encouraged to invest in robust cybersecurity measures, conduct regular risk assessments, and develop incident response plans to address and recover from potential breaches.

Preventing cybersecurity breaches

Preventing cybersecurity breaches requires a comprehensive and proactive approach. Here are key steps that organizations can take to enhance their cybersecurity and reduce the risk of breaches:

Security Policies and Procedures

Develop and enforce comprehensive cybersecurity policies and procedures. And clearly communicate these policies to all employees and ensure they know their roles and responsibilities. This includes regular training for employees on cybersecurity awareness.

Access Control and Data Encryption

Implement the principle of least privilege to restrict access to systems and data. Only provide employees with the minimum access necessary to perform their job functions. Encrypt sensitive data, both in transit and at rest, to protect it from unauthorized access in case of a breach.

IT Initiatives

Regularly update and patch all software, including operating systems, applications, and security software, to address known vulnerabilities. You should also install and maintain firewalls to monitor and control incoming and outgoing network traffic. Another procedure is to conduct regular security audits and vulnerability assessments to identify and address potential weaknesses in the organization’s infrastructure.

Robust antivirus and anti-malware solutions should also be installed on all devices to protect against malicious software.

Backup and Recovery

Regularly back up critical data and ensure that the backup systems are secure. Also, secure wireless networks with strong encryption protocols and unique and strong passwords are used for access. Regularly update Wi-Fi passwords and consider using a separate network for guests.

By implementing these measures and staying informed about the latest cybersecurity threats and best practices, organizations can significantly reduce their vulnerability to cyberattacks. Remember that cybersecurity is an ongoing process, and regular updates and improvements are essential to adapt to evolving threats.


  1. Cost of a Data Breach Report 2023 IBM/Ponemon Institute, LLC.