Are you ready for the New DFARS clause on Cyber Security?
DFARS Cyber Security Requirements
I’ve been getting a few calls and emails of late asking about the new DFARS cyber security requirements. These calls are referring to DFARS 252.204-7012, which calls for the adoption of NIST SP 800-171. The timing is understandable as this clause is starting to appear in contracts or as flow-down to subcontracts. For those not familiar, NIST SP 800-171 “Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations” as the title implies, deals with controlled unclassified information (CUI) and specifically when it’s in the possession of nonfederal systems (e.g., Government Contractor systems). You can learn more about these requirements in our NIST SP 800-171 blog post.
What is CUI?
The definition of CUI is an interesting read for the security and management wonks. The government contractor might not be prepared to consider the data in their accounting system, like Deltek Costpoint to be included in the definition. However, the government’s interest in making sure that a business’ proprietary information remains secure helps assure the survival of that enterprise, which is certainly in the government’s best interest.
Preparing for DFARS 252.204-7012
If you’re a U.S. defense contractor or subcontractor you’re hopefully well along in your compliance analysis and ready for the December 31, 2017 deadline. At NeoSystems, our secure, private cloud hosting and IT infrastructure is audited by an external third-party. Our auditor’s SOC 2 Type 2 report maps out our controls to show compliance with NIST SP 800-171.
So, to our clients who have concerns about NIST SP 800-171 and DFARS 252.204-7012, I can say: “Grow Ahead, We Got Your Back-Office”. If you have more questions about NIST SP 800-171, DFARS 252.204-7012, and how they impact your business and ability to meet compliance requirements, please feel free to give us a call.
NeoSystems Provides Best-in-Class Government Contractor Compliance Solutions
Contact NeoSystems today to learn how we’re helping government contractors meet compliance requirements through our experienced team and purpose-built technology toolset.