The Federal Acquisition Regulation (FAR) is a set of regulations that governs all acquisitions and contracting procedures associated with the U.S government, including those involved in supply chains tied to award-winning contracts. Getting or keeping such work means complying not only with DFARS but also the cybersecurity requirements set forth by NIST 800-171 whether you are the prime contractor or a sub .
The cybersecurity requirements within NIST 800-171 are designed to safeguard CUI in the IT networks of government contractors and subcontractors. It defines the practices and procedures that government contractors must adhere to when their networks process or store CUI.
Manufacturers that want to retain their DoD, GSA, NASA and other federal and state agency contracts need to have a plan that meets the requirements of NIST SP 800-171. DFARS cybersecurity clause 252,204-7012 went into effect on Dec. 31, 2017, and deals with processing, storing or transmitting CUI that exists on non-federal systems — such as those used by a government contractor.
Many manufacturers are unclear what they should do to implement NIST SP 800-171 and gain compliance with DFARS, and whether there are specialized resources available to help them achieve that milestone without preventable pitfalls.
Columbia Advisory Group Security teams works with DoD and federal contractors in the implementation of a comprehensive cybersecurity program to meet and exceed the compliance requirements of the NIST 800-171 standard and the maturity levels to achieve the Cybersecurity Maturity Model Certification.
Learn how we align our exceptional experience as a leading IT Managed Service Provider to bring measurable benefits to your organization