Category Archives: NIST Compliance

cybersecurity, lock on keyboard

A Beginner’s Guide to NIST Compliance & the Steps Businesses Need to Comply

Every industry has a set of suggestions or guidelines that they recommend businesses follow in order to help ensure the safety and security of their products or services. For example, the National Institute of Standards and Technology (NIST) is a non-regulatory agency of the United States Department of Commerce that provides recommendations for how businesses […]
business professionals discussing charts

Understanding Compliance: Which Regulations Apply to My Business?

When it comes to understanding compliance, there are a lot of different regulations that can apply to your business. It can be difficult to keep track of them all, and even more challenging to ensure that your business is compliant with them. In this blog post, we will go over some of the most common […]
Urgent: DOJ to Start Pursuing Government Contractors who Falsify Cybersecurity Practices

URGENT: DOJ to Start Pursuing Government Contractors who Falsify Cybersecurity Practices

The United States Department of Justice (DOJ) has announced that it will start holding companies that have government contracts—and receive federal funding—accountable if they’ve put US information or systems at risk.  Using the False Claims Act, the Civil Cyber-Fraud Initiative will seek out cybersecurity fraud committed by companies receiving federal grants and contracts. This announcement […]
Do You Know Your NIST SP 800-171 SPRS Score

Do You Know Your NIST SP 800-171 SPRS Score?

Posting an accurate self-assessment of your Supplier Performance Risk System (SPRS) score is the new DFARS requirement as the DoD reviews CMMC compliance standards. Ever since NIST SP 800-171r2 requirements were published, businesses across the country who want to continue filling DoD contracts have been steadily updating their security controls in order to meet the […]
New DoD Memo Requests DCMA to Begin Validating 800-171

New DoD Memo Requests DCMA to Begin Validating 800-171

Suppliers will need to show documentation of their own contractor relationships. While the defense industry is still recovering from the recent shutdown, the Under Secretary of Defense released a new memorandum requesting that the Defense Contract Management Agency (DCMA) validate contractor compliance in several key areas. Leveraging the criteria outlined in DFARS 252.244-7001, DCMA will […]
DoD Ramps Up Compliance Checking of NIST 800-171

DoD Ramps Up Compliance Checking of NIST 800-171

On November 6th, 2018, DoD’s Acting Principal Director for Defense Pricing and Contracting (DPC) issued a broad-ranging memorandum titled, “Guidance for Assessing Compliance and Enhancing Protections Required by DFARS Clause 252.204-7012, Safeguarding Covered Defense Information and Cyber Incident Reporting.” This memorandum highlights two new guidance documents, slated for integration into DFARS PGI 204.73 in 2019: […]
New Tools Available to Prime Contractors for Managing NIST 800-171

New Tools Available to Prime Contractors for Managing NIST 800-171 Compliance

In a previous memorandum published by the Under Secretary of Defense, government agencies and acquisition officers have been provided guidance on how to incorporate DFARS and NIST compliance into their solicitations. These include writing NIST 800-171 implementation into statements of work, the source selection process, and bidder instructions. In a new memorandum published on December […]
michigan nist compliance nist compliance michigan

Understanding Encryption Key Management for Businesses

How to protect and control encryption key access across its lifecycle. Encryption technology is one of the most important security features protecting your data. The use of encryption-in-transit secures email, text, and web data so that users can send and receive information without fear of interception or tampering. Meanwhile, encryption at rest protects data where […]