Category Archives: NIST Compliance

Urgent: DOJ to Start Pursuing Government Contractors who Falsify Cybersecurity Practices

URGENT: DOJ to Start Pursuing Government Contractors who Falsify Cybersecurity Practices

The United States Department of Justice (DOJ) has announced that it will start holding companies that have government contracts—and receive federal funding—accountable if they’ve put US information or systems at risk.  Using the False Claims Act, the Civil Cyber-Fraud Initiative will seek out cybersecurity fraud committed by companies receiving federal grants and contracts. This announcement […]
Do You Know Your NIST SP 800-171 SPRS Score

Do You Know Your NIST SP 800-171 SPRS Score?

Posting an accurate self-assessment of your Supplier Performance Risk System (SPRS) score is the new DFARS requirement as the DoD reviews CMMC compliance standards. Ever since NIST SP 800-171r2 requirements were published, businesses across the country who want to continue filling DoD contracts have been steadily updating their security controls in order to meet the […]
New DoD Memo Requests DCMA to Begin Validating 800-171

New DoD Memo Requests DCMA to Begin Validating 800-171

Suppliers will need to show documentation of their own contractor relationships. While the defense industry is still recovering from the recent shutdown, the Under Secretary of Defense released a new memorandum requesting that the Defense Contract Management Agency (DCMA) validate contractor compliance in several key areas. Leveraging the criteria outlined in DFARS 252.244-7001, DCMA will […]
DoD Ramps Up Compliance Checking of NIST 800-171

DoD Ramps Up Compliance Checking of NIST 800-171

On November 6th, 2018, DoD’s Acting Principal Director for Defense Pricing and Contracting (DPC) issued a broad-ranging memorandum titled, “Guidance for Assessing Compliance and Enhancing Protections Required by DFARS Clause 252.204-7012, Safeguarding Covered Defense Information and Cyber Incident Reporting.” This memorandum highlights two new guidance documents, slated for integration into DFARS PGI 204.73 in 2019: […]
New Tools Available to Prime Contractors for Managing NIST 800-171

New Tools Available to Prime Contractors for Managing NIST 800-171 Compliance

In a previous memorandum published by the Under Secretary of Defense, government agencies and acquisition officers have been provided guidance on how to incorporate DFARS and NIST compliance into their solicitations. These include writing NIST 800-171 implementation into statements of work, the source selection process, and bidder instructions. In a new memorandum published on December […]
michigan nist compliance nist compliance michigan

Understanding Encryption Key Management for Businesses

How to protect and control encryption key access across its lifecycle. Encryption technology is one of the most important security features protecting your data. The use of encryption-in-transit secures email, text, and web data so that users can send and receive information without fear of interception or tampering. Meanwhile, encryption at rest protects data where […]
michigan nist compliance nist compliance michigan

Why Your Business Should Invest in Breach Detection Software

No cybersecurity defense is complete without breach detection and a response plan. We wrote last week about the threat ransomware poses to your business, and strategies you can use to prevent your system from being compromised. While ransomware can grind your business to a halt by holding your data hostage, there is one way in […]
Image of ransomware attack with a warning sign and the words: "Your files are encrypted."

How to Detect and Prevent Ransomware Attacks

Ransomware attacks are on the rise. Here’s how your business can detect and prevent them. 2017 has seen an increase in prominent ransomware attacks, and experts warn that they are likely to grow more common. So far, 2017 has seen two significant ransomware attacks: WannaCry, which began in May, and NotPetya, which followed a couple […]