Cybersecurity attacks on the US Defense Industry increase in both sophistication and frequency Adversaries target anyone who possesses sensitive information including not only Government organizations, but also prime contractors, subcontractors and suppliers. As if January 1, 2018, all Department of Defense (DoD) contractors and subcontractors are required to comply with Defense Federal Acquisition Regulation Supplement (DFARS) 252.204-7012 Safeguarding Covered Defense Information (CDI) and Cyber Incident Reporting. The DFARS requirements are based on the National Institute of Standards & Technology (NIST) Special Publications (SP) 800-171. This SP imposes baseline security standards and expanding the information that is subject to safeguarding. If an audit determines a failure to meet the requirements of the DFARS requirement, consequences may include criminal, civil, administrative, or contract penalties – including termination of contracts.
Key Impacts of DFARS include:
In order to be DFARS compliant, you must begin with a complete scoping and readiness assessment to measure your compliance with the NIST SP 800-171 guidelines, then remediate gaps identified. Our highly qualified team of NIST compliance professionals–with 18 + years of cyber security and compliance experience–are ready to meet your readiness needs. We have mature and comprehensive processes that ensure your strengths and gaps are identified and quickly remediated.