SEMAIS Knowledge Base 201706: DFARS 252.204-7012 and NIST SP 800-171 Requirements
Dewayne Hart CISSP, CEH, CNDA, CGRC, MCTS
Official Member @ Forbes Tech Council | Author l Keynote Speaker l Cybersecurity Advisory Board Member @ EC-Council
The integration and collaboration of security has really expanded and brought forth some compliance initiatives to reduce risk and protect data. There are many contracting companies focusing their efforts on NIST SP 800-171. The publication outlines specific requirements for government contracting companies to secure their systems. Under DFARS 252.204-7012, to meet NIST SP 800-171 Compliance, a contractor must implement the security requirements in National Institute of Standards and Technology (NIST) Special Publication (SP) 800-171, that is in effect at the time the solicitation is issued by the Contracting Officer, or as soon as practical, but not later than December 31, 2017.
My Feedback: This initiative is great for the government and contractors. Its an alignment practice to ensure everyone security state of readiness is practiced and modeled to meet regulatory requirements. What are your thoughts?
Dewayne Hart
CEO
SEMAIS