Leia Shilobod, CEO of Intech Solutions, Inc. speaks to local manufacturers about new CyberSecurity regulations. This webinar will provide a clear understanding of the path to compliance and the resources available to assist you.
All contractors and subcontractors, regardless of size, who have contracts with the: Department of Defense (DoD), General Services Administration (GSA) and NASA contractors must meet the Federal Acquisition Regulation (FAR) and Defense Federal Acquisition Regulation Supplement (DFARS) minimum cybersecurity standards (DFARS 252.204-7012 ) by December 31, 2017—or risk losing federal contracts. Penalties for non-compliance can be severe. Ensuring that your company complies with these requirements can be overwhelming.
The DFARS 252.204-7012 regulation requires compliance with two key information security requirements. The first requirement is Adequate Security which is met by compliance with 14 network security components outlined in NIST SP 800-171. The second requirement is Incident Reporting which requires contractors to report all cyber incidents that may have affected “covered defense information” (CDI) within 72 hours of discovery. Incidents must be reported to the DoD through the DIBNet portal, as well as to the prime contractor or the next higher-tier subcontractor. Contractors must also adhere to DoD regulations regarding investigating, preserving and submitting information about the breach.