The Secret Behind Technical Certifications

They're expensive and hard to get, but one small tech firm says technical certifications have helped it win deals and compete against much bigger players. And we thought they were just for bragging rights.

EmeSec, aReston, Va.-based government contractor, was recently accredited as a FedRAMP third-party assessment organization, so it can now officially determine if cloud service providers that want to work for government agencies are meeting certain federal security requirements. Founder Maria Horton has also gone through the rigorous process of getting ISO standards, including ISO 20000 (service management) and ISO 27000 (information security management systems). Maria, who launched the company in 2003, says it's helped the company win some of the sensitive information assurance and cybersecurity contracts it goes after and compete with bigger players.

The 40-person company has seen huge cybersecurity changes since it first started in the space a decade ago. Customers like DOD, FAA, and DOT are looking to contractors for more technical capabilities related to blocking, preventing, and identifying vulnerabilities. Five years ago, the focus was on security policies and procedures. She doesn't expect sequestration to have a major impact on the small business, since the work is sensitive, but she says EmeSec will look at doing more joint ventures to expand its offerings.