12 Days Left to Comply with NIST SP 800-171 Are You Ready??

12 Days Left to Comply with NIST SP 800-171   Are You Ready??

 

Wait, what is it? NIST SP 800-171 is a set of information security guidelines for protecting certain types of government information that might find its way into your company information systems.

 

Does this apply to me? Anyone (individual, business, or contractor) who processes, stores, or transmits information for or with federal agencies could be impacted. This includes all governmental contractual relationships. The government began including this requirement in its contracts in 2013. If you missed it, you might want to start paying attention because you have until December 31, 2017 to comply by implementing the information security requirements defined in NIST SP 800-171 and reporting cyber incidents.

 

What is my responsibility? Review your contracts for the following FAR/DFARS clauses to understand your cyber security responsibilities. Prime contractors and subcontractors are required to comply with this regulation, so you have the same obligation even if you are not the prime.

 

•             FAR Clause 52.204-2

•             FAR Clause 52.204-21

•             DFARS Clause 252.204-7012

•             DFARS Clause 252.204-7009

•             DFARS Clause 252.204.7008

 

Not ready?

Comments?   Challenges ?

The professionals at Security First & Associates can help.

Call 443-325-7890

www.securityfirstassociates.com

 

Did You Notice that New DFARS Clause?

Did You Notice that New DFARS Clause? Cyber security doesn’t just affect information technology companies anymore. If you are doing business with the Federal government, you need to know your responsibilities to protect against cyber threats. There has been an effort underway for several years to put a system of guidelines in place that would…

What is NIST SP 800-171

What is NIST SP 800-171 Cyber attacks can have a devastating impact on businesses, including but not limited to negative media attention, the inability to conduct business, damaged corporate reputation and penalties. Most businesses are unaware that they have been attacked until notified by law enforcement, customers, auditors or external resources that raise a concern….

Cyber Security Workplace Tips

Celebrate Cyber security Awareness Month with These Workplace Tips October is National Cyber security Awareness Month (NCSAM), an initiative designed to engage both the public and private sectors on security best practices. Sponsored by the Department of Homeland Security, the National Cyber Security Alliance, and the Multi-State Information Sharing and Analysis Center, NCSAM is focused…

Honesty is Always Best Policy when completing the SF-86

Honesty is Always Best Policy on SF-86 There has been a lot of conversation about exactly what information you need to disclose when applying for a security clearance—specifically an SF-86. The Personal Conduct guidelines are quite clear: deliberate omission, concealment, or falsification of relevant facts from any personnel security questionnaire, personal history statement, or similar…

Why High-Security Organizations May be at Risk for Insider Threats

Why High-Security Organizations May be at Risk for Insider Threats   In an article from The Stanford News a quote recently caught my attention: “For companies, an insider threat from an employee can be an economic disaster. For a government unit, an insider threat can quickly become a dangerous national security issue.”   We often…

Are YOU an Insider Threat

As a security professional, I spend a lot of time talking to businesses about how they can create more safe and secure environments. Lately, I’ve been talking a lot about insider threats and what companies’ large and small need to do to keep themselves protected. But, this month, I am changing gears a bit. Instead…

Who Should Be on Your Insider Threat Risk Team?

Who Should Be on Your Insider Threat Risk Team? As a security professional, I have written a lot about the growing risk of insider threats—especially for small- to medium-sized companies who may not have the resources to dedicate one team member to this issue. Does your company fall into this category? Even if you don’t…

Why Protecting Against Insider Threats also Protects Against Workplace Violence

Why Protecting Against Insider Threats also Protects Against Workplace Violence   According to the Occupational Safety and Health Administration (OSHA), nearly 2 million employees are victims of workplace violence each year. An even more startling statistic is that between January 2009 and July 2015, there were 133 mass shootings in the workplace. No wonder violence…

Security Clearance Salaries on the Rise

Security Clearance Salaries on the Rise  According to a recent article from ClearanceJobs.com, those currently holding security clearances could see their salaries increase in 2017.  You ask Why?  Several factors are having an impact on security clearance salaries including:  OPM Breach—this caused some to leave the market creating a “backlog of background investigations.”  If you…