With the threat of cybersecurity breaches on the rise, the U.S. Government has implemented new security standards for Department of Defense (DoD) contractors, including manufacturers. Defense contractors possessing covered defense information must now implement 109 safeguards that are outlined in NIST SP 800-171, “Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations.”
These new requirements apply to your organization if you possess information in the performance of your DoD contract which is listed in the Controlled Unclassified Information (CUI) Registry and is:
If you are a manufacturer and perform any contracted work with DoD, you are likely subject to these requirements and must comply by the end of the year or risk losing your DoD contract. With 2017 almost at the halfway point, now is the time to make sure you’re working on an implementation plan for these new regulations. We’ve created a sample implementation timeline to follow:
Select Vendor for Cyber Assessment |
ASAP |
Conduct Gap Assessment of |
By September 1, 2017 |
Provide DoD With Areas |
By October 1, 2017 |
Remediate Issues of Non-Compliance |
By December 31,2017 |
Contact a member of the BlumShapiro Consulting cybersecurity team to determine the next steps your organization should be taking to comply with all 109 safeguards within the timeline specified. From an initial cybersecurity assessment, to providing solutions to remediate any compliance gaps that are identified, BlumShapiro is here to help assure your organization remains in good standing with the Department of Defense.
Please submit your inquiry or questions using the form below and we’ll get back to you shortly.