Every industry has a set of suggestions or guidelines that they recommend businesses follow in order to help ensure the safety and security of their products or services. For example, the National Institute of Standards and Technology (NIST) is a non-regulatory agency of the United States Department of Commerce that provides recommendations for how businesses […]
Category Archives: NIST Compliance
16
Jun
Jun
When it comes to understanding compliance, there are a lot of different regulations that can apply to your business. It can be difficult to keep track of them all, and even more challenging to ensure that your business is compliant with them. In this blog post, we will go over some of the most common […]
25
Oct
Oct
The United States Department of Justice (DOJ) has announced that it will start holding companies that have government contracts—and receive federal funding—accountable if they’ve put US information or systems at risk. Using the False Claims Act, the Civil Cyber-Fraud Initiative will seek out cybersecurity fraud committed by companies receiving federal grants and contracts. This announcement […]
17
May
May
Posting an accurate self-assessment of your Supplier Performance Risk System (SPRS) score is the new DFARS requirement as the DoD reviews CMMC compliance standards. Ever since NIST SP 800-171r2 requirements were published, businesses across the country who want to continue filling DoD contracts have been steadily updating their security controls in order to meet the […]
31
Jan
Jan
Suppliers will need to show documentation of their own contractor relationships. While the defense industry is still recovering from the recent shutdown, the Under Secretary of Defense released a new memorandum requesting that the Defense Contract Management Agency (DCMA) validate contractor compliance in several key areas. Leveraging the criteria outlined in DFARS 252.244-7001, DCMA will […]
20
Nov
Nov
On November 6th, 2018, DoD’s Acting Principal Director for Defense Pricing and Contracting (DPC) issued a broad-ranging memorandum titled, “Guidance for Assessing Compliance and Enhancing Protections Required by DFARS Clause 252.204-7012, Safeguarding Covered Defense Information and Cyber Incident Reporting.” This memorandum highlights two new guidance documents, slated for integration into DFARS PGI 204.73 in 2019: […]
11
Jan
Jan
In a previous memorandum published by the Under Secretary of Defense, government agencies and acquisition officers have been provided guidance on how to incorporate DFARS and NIST compliance into their solicitations. These include writing NIST 800-171 implementation into statements of work, the source selection process, and bidder instructions. In a new memorandum published on December […]
21
Dec
Dec
How to protect and control encryption key access across its lifecycle. Encryption technology is one of the most important security features protecting your data. The use of encryption-in-transit secures email, text, and web data so that users can send and receive information without fear of interception or tampering. Meanwhile, encryption at rest protects data where […]
- 1
- 2