According to Defense Federal Acquisition Regulation Supplement (DFARS) clause 252.204-7012, Safeguarding Covered Defense Information and Cyber Incident Reporting, all contractors working with the department of defense must take adequate measures to ensure “basic safeguarding” measures are in place to safeguard information systems that process, store, or transmit covered defense information.
The rule outlines various controls for covered information systems, including but not limited to the following:
Contractors are required to implement NIST SP 800-171 as soon as practical, however, if you haven’t done so yet, you’ve missed the deadline of December 31st, 2017. NIST SP 800-171 was developed to further push the development of information security standards and guidelines for federal information systems.
Under NIST SP 800-171, there are various security requirements organized into 14 control families. Companies must implement not only those security requirements but also document the implementation of them. The problem is, many contractors aren’t sure which information systems handle covered defense information.
Do you know exactly which information systems are handling covered defense information? Don’t risk losing your DoD contracts because of an oversight!
Covered defense information refers to any unclassified controlled technical information or other unclassified information that is:
The term ‘Information systems’ can encompass a wide range of equipment – from communication platforms to Internet-connected devices – and it’s vital to make sure you’re safeguarding covered defense information on ALL information systems.
Click here or fill out the form to book a cybersecurity review to ensure you’re safeguarding covered defense information on ALL information systems.
We have extensive experience completing NIST SP 800-171 assessments, IT security audits, and delivering cybersecurity best practices in both private and public-sector environments of all sizes. Our team will perform a thorough review to ensure you’re implementing necessary safeguarding measures on ALL information systems.
If you have any questions, feel free to give us a call at (850) 783-3012. If you have any doubt in your mind that you’ve addressed all information systems handling covered defense information, click here or fill out the form immediately.