Contractors and their supply chain with active Defense Department contracts, or those that plan on doing business with it, must assure that any of their data systems that transmit, process or store controlled unclassified information are compliant with National Institute of Standards and Technology Special Publication 800-171 “Protecting Controlled Unclassified Information in Non-federal Information Systems and Organizations.”
It’s clear that meeting the Defense Federal Acquisition Regulation Supplement (DFARS) 252.204-7012 mandate to comply to the special publication is a required priority for defense contractors, subcontractors and suppliers.
Making a system security plan and plan of actions and mitigations is crucial to winning new business and keeping existing contracts this year and moving forward. Here are some tips on how to approach creating and utilizing these complex compliance documents.
Keep reading this article at: http://www.nationaldefensemagazine.org/articles/2018/3/30/new-cyber-rule-requires-critical-documents
The Georgia Tech Procurement Assistance Center (GTPAC) has developed an instructional video and a template to help contractors comply with DoD’s cybersecurity requirements. You can view and download these resources at: http://gtpac.org/cybersecurity-training-video/