DID YOU KNOW?
The federal government is continuing to increase its focus on addressing cybersecurity threats. If you are a government contractor or subcontractor, you are required to meet the December 31, 2017, deadline for complying with the Controlled Unclassified Information (CUI) and the Defense Federal Acquisition Regulation Supplement (DFARS) minimum security standards.
Companies are required to have an assessment based on the National Institute of Standards & Technology Special Publication 800-171 (NIST SP 800-171) controls, and a security plan documenting the steps the company will take to remediate if risks are found during the assessment.
WHAT ARE THE REQUIREMENTS?
There are 14 sections:
WHAT DOES THIS MEAN TO YOU?
Government contractors and subcontractors have until December 31, 2017, to implement the NIST SP 800-171 requirements or risk losing their DoD contracts.
DO YOU NEED HELP COMPLYING?
MEP (the Manufacturing Extension Partnership) Centers, a division of NIST, has identified Citrin Cooperman as a recommended vendor. Working with a certified security auditor possessing real-world experience in the key disciplines needed for the job will ensure your compliance and peace of mind by the December 31, 2017, deadline. http://riptac.org/local-cybersecurity-resources/
TO LEARN MORE, CONTACT:
Dr. Suzanne Miller, Ph.D., CISA, CISM, CRISC, CHS-III, QSA