With the Department of Defense (DOD) promising the release of an update to NIST Special Publication 800-171, it is imperative defense contractors understand what DFARS 252.204-7012 and NIST SP 800-171 Clause is and how noncompliance with the Clause will impact their business.
What is DFARS 252.204-7012 and NIST SP 800-171? Read More »
Adopt the RMF to cope with growing risk and comply with strict legislation— think defense (DFARS), healthcare (HIPAA), and retail/payment (PCI).
Understanding the NIST Risk Management Framework (RMF) Read More »
DOD has issued two additional guidance memoranda in the last 60 days further solidifying the DOD intent to enforce compliance. Contractors should be actively be addressing NIST 800-171 compliance.
Breaking News: Audits of DFARS clause 252.204-7012 are underway, Are You Ready? Read More »
In 2019 Prime and Subcontractors can expect to be audited against actual implementation the DFARS 252.204-7012 & NIST 800-171 security requirements. For those taking a wait and see approach to the impact of your ability to do business with the DOD without implementing NIST 800-171; you just got your answer, 2019 will be a year of reckoning for non-compliant Prime and subcontractors. With the ability to request a contractor’s plan to track flow down of Covered Defense Information (CDI) and request the contractor’s plan to assess the compliance of their own suppliers, Prime contractors are expected to document and demonstrate enforcement of their own supply chain’s compliance. If you have delayed documenting your SSP, POA&Ms or actually implementing the NIST 800-171 requirements, CyberSheath can lead your efforts to achieve compliance by conducting a gap assessment of your compliance with NIST 800-171, writing the required System Security Plan (SSP) and leading your implementation efforts.
As a subcontractor on a Department of Defense contract, you have likely had flow down requirements from your primes related to DFARS clause 252.204-7012, commonly referred to as NIST 800-171. Learn more about these two requirements and achieve compliance before the December 2017 mandate.
With the deadline for compliance with DFARS Clause 252.204-7012 having passed on December 31st 2017, many companies are still scrambling to catch up. But in their haste, many may be ignoring a vital aspect of the mandate. Chiefly designed to
Protect and Report Sensitive Data Read More »
In today’s digital world, no matter what type of sensitive data you handle, attackers are hard at work developing ways to access it. The rash of high-profile security breaches making headlines every day is clear evidence of the struggle businesses
On December 31, 2017, the deadline passed for defense suppliers to comply with NIST 800-171, a requirement specified in Defense Federal Acquisition Regulation Supplement 252.204-7012 “Safeguarding Covered Defense Information and Cyber Incident Reporting.” This mandate attempted to ensure a higher
NIST Compliance — It’s Never Too Late! Read More »
On December 31, 2017, the deadline for compliance with the NIST 800-171, a mandate for contractors serving local and federal governments, came and went. This Special Publication provided guidance on the processes and procedures needed to adequately safeguard controlled unclassified
The Procrastinator’s Blueprint for NIST 800-171 Compliance Read More »
More than two years ago, the Department of Defense (DOD) sounded the alarm for increased cybersecurity with a new set of controls designed to raise the level of safeguarding standards across the industry. The requirements specified in Defense Federal Acquisition
3 Challenges to Meeting Supply Chain Cybersecurity Requirements Read More »
