Browsing: NIST Compliance

URGENT: DOJ to Start Pursuing Government Contractors who Falsify Cybersecurity Practices

URGENT: DOJ to Start Pursuing Government Contractors who Falsify Cybersecurity Practices

Urgent: DOJ to Start Pursuing Government Contractors who Falsify Cybersecurity Practices

The United States Department of Justice (DOJ) has announced that it will start holding companies that have government contracts—and receive federal funding—accountable if they’ve put US information or systems at risk.  Using the False Claims Act, the Civil Cyber-Fraud Initiative will seek out cybersecurity fraud committed by companies receiving federal grants and contracts. This announcement… read more

Do You Know Your NIST SP 800-171 SPRS Score?

Do You Know Your NIST SP 800-171 SPRS Score

Posting an accurate self-assessment of your Supplier Performance Risk System (SPRS) score is the new DFARS requirement as the DoD reviews CMMC compliance standards. Ever since NIST SP 800-171r2 requirements were published, businesses across the country who want to continue filling DoD contracts have been steadily updating their security controls in order to meet the… read more

New DoD Memo Requests DCMA to Begin Validating 800-171

New DoD Memo Requests DCMA to Begin Validating 800-171

Suppliers will need to show documentation of their own contractor relationships. While the defense industry is still recovering from the recent shutdown, the Under Secretary of Defense released a new memorandum requesting that the Defense Contract Management Agency (DCMA) validate contractor compliance in several key areas. Leveraging the criteria outlined in DFARS 252.244-7001, DCMA will… read more

DoD Ramps Up Compliance Checking of NIST 800-171

DoD Ramps Up Compliance Checking of NIST 800-171

On November 6th, 2018, DoD’s Acting Principal Director for Defense Pricing and Contracting (DPC) issued a broad-ranging memorandum titled, “Guidance for Assessing Compliance and Enhancing Protections Required by DFARS Clause 252.204-7012, Safeguarding Covered Defense Information and Cyber Incident Reporting.” This memorandum highlights two new guidance documents, slated for integration into DFARS PGI 204.73 in 2019:… read more

GSA Begins Process of Aligning Contracts with NIST 800-171

GSA Begins Process of Aligning Contracts with NIST 800-171

It’s been assumed for some time now that major components of the government contracting sector would fall in line with NIST standards for safeguarding controlled unclassified information (CUI), namely NIST Special Publication 800-171. Department of Defense was the first to implement the standard, beginning with updates to the Defense Federal Acquisition System (DFARS) contract regulations… read more

New Tools Available to Prime Contractors for Managing NIST 800-171 Compliance

New Tools Available to Prime Contractors for Managing NIST 800-171

In a previous memorandum published by the Under Secretary of Defense, government agencies and acquisition officers have been provided guidance on how to incorporate DFARS and NIST compliance into their solicitations. These include writing NIST 800-171 implementation into statements of work, the source selection process, and bidder instructions. In a new memorandum published on December… read more

Understanding Encryption Key Management for Businesses

michigan nist compliance nist compliance michigan

How to protect and control encryption key access across its lifecycle. Encryption technology is one of the most important security features protecting your data. The use of encryption-in-transit secures email, text, and web data so that users can send and receive information without fear of interception or tampering. Meanwhile, encryption at rest protects data where… read more