What is adequate Cybersecurity? If you do business with the Department of Defense, you must comply with the following Cybersecurity standards by 31 December 2017. It’s not as bad as it seems though. Contact your counselor for more information and stay tuned for an upcoming webinar on the subject.
Minimum cybersecurity standards are described in NIST Special Publication 800-171 and break down into the following 14 areas:
Awareness & Training
Audit & Accountability
Identification & Authentication
System & Communication Protection
System & Info Integrity
Contractors must notify the DoD CIO within 30 days of contract award of any security requirements not implemented at the time of contract award. Contractors can propose alternate, equally effective measures to DoD’s CIO through their Contracting Officer.