The reality of cyber incidents and the fear of consequences troubles many A/E firms. Those working on federal and state contracts must comply with specific cybersecurity requirements.
While the U.S. Department of Defense (DoD) and their Defense Federal Acquisition Regulation Supplement (DFARS) rules affect all defense contractors, similar rules are expected to apply to all federal contracts.
Many small businesses lack the time, money, and technical expertise to effectively address cybersecurity compliance. Most of those can't meet the requirements in DFARS 252.204-7012 or NIST (SP) 800-171.
Join Robert Jones to break cybersecurity down into small, manageable, and affordable chunks that any business can tackle. You'll learn a tool to evaluate your compliance that helps build your System Security Plan (SSP) and Plan of Actions and Milestones (POA&M).
While full compliance with all 110 items in NIST (SP) 800-171 still requires a significant effort, this approach tackles many of the core items and reaps the benefits of the low-hanging fruit. All of these tools are off-the-shelf/readily available and deployable in hours or days. Many of these tools offer free or inexpensive versions for personal use which enables you to practice good cyber hygiene at home and at work.
TAKEAWAYS:
- Cybersecurity requirements in federal government contracts
- The 14 categories of NIST (SP) 800-171
- Practical and affordable solutions for businesses of every size