The U.S. Department of Defense (DoD) identifies cybersecurity as critical to the way the entire nation functions. Protection of America’s cyber infrastructure is so critical that as of December 31, 2017, federal defense contractors which process, store or transmit Controlled Unclassified Information (CUI) must meet the Defense Federal Acquisition Regulation Supplement (DFARS) minimum security standards. The Mississippi Defense Initiative conducted a cybersecurity labor study in 2019 to better understand the state of Mississippi’s supply and demand of cybersecurity professionals.
This link points to the actual Defense Federal Acquisition Regulation Supplement clause 252.204-7012. Those using this link would want a concrete understanding of what the clause actually says.
NIST Special Publication 800-171A provides guidelines for how a cyber security assessment for NIST 800-171 should be conducted. It can be used to identify the types of questions and the level of rigor that can be used for an assessment.
NIST Handbook 162
The NIST Handbook 162 is a guide that provides information needed to understand NIST Special Publication 800-171 in less technical language. It gives explanations about how controls from each of the 14 families outlined in NIST 800-171 can be addressed and the types of questions to ask during an assessment.
Pat Toth (NIST) Briefings
This video provides an overview of the requirements for defense contractors outlined in NIST Special Publication 800-171. It describes the NIST Manufacturing Extension Partnership (MEP) three step process for compliance and helps attendees to gain a better understanding of the NIST 800-171 and NIST Handbook 162 publications.
NIST Small Business Cybersecurity Corner
The NIST Small Business Cybersecurity Corner aims to provide companies with cybersecurity guidance, solutions, and training that is practical actionable, and enables them to cost-effectively address and manage their cybersecurity risks.