The Basics of Designing A System Security Plan

The Basics of Designing A System Security Plan

The DFARS 252.204-7012 clause requires that all contractors and subcontractors of the US Department of Defense maintain an up-to-date system security plan (SSP). You will likely be asked to provide this plan before you can sign any contract with the DoD as evidence showing that your organization has achieved an adequate level of security. Your SSP should align with the requirements of the NIST ...

What Are the Consequences of Noncompliance?

What Are the Consequences of Noncompliance?

Navigating DFARS 252.204.7012 compliance requirements can be challenging. It requires tightening DFARS-specific security controls, an area in which the expertise of compliance experts who can help fill the gaps in your IT system will prove invaluable. More importantly, they can help ensure you abide by your contract with the Department of Defense (DoD) to protect covered defense information (CDI) ...

What You Need to Know About Cyber Incident Reporting

What You Need to Know About Cyber Incident Reporting

Defense contractors operate in one of the most heavily regulated industry sectors of all. They face a wide range of threats from various sources, such as insider threat, social engineering, and state-sponsored attacks. Taking every possible step to achieve the standards demanded by the DFARS 252.204-7012 framework is essential to mitigate those risks and validate your efforts to remain compliant.

How Strong Are the Boundaries of Your Systems?

How Strong Are the Boundaries of Your Systems?

DFARS 252.204-7012 Security Requirement 3.12.4 requires contractors of the Department of Defense to create and regularly update a system security plan. This plan should describe the boundaries of your systems and the relationships between these systems.

How A DFARS Gap Assessment Helps You Evaluate Security

How A DFARS Gap Assessment Helps You Evaluate Security

Keeping up with the demands of compliance is a constant challenge, especially for companies operating in a highly regulated sector like the Defense Industrial Base. DFARS 252.204-7012 compliance, which is based on the NIST 800-171 framework, comes with many responsibilities and obligations. To maintain your existing contracts, as well as win requests for proposals for lucrative new projects, it ...