Cyber Security for Government Contractors
What is Cyber Security?
Cyber security or information technology security are the techniques of protecting computers, networks, programs and data from unauthorized access or attacks that are aimed for exploitation.
How does this affect contractors looking to do business with the federal government?
Our US adversaries are actively working to steal the US military secrets at an alarming rate. They are targeting contractors to do this. So, Department of Defense (DoD) contractors are a major source of information leakage that leads to compromise of US military competitive advantage. The DoD has decided to do something to eliminate these leaks.
DoD contractors did not consistently implement mandated system security requirements for safeguarding information, and it was recommended that DoD take steps to assess a contractor’s ability to protect this information, so they developed a two-pronged approach…NIST 800–171 and CMMC.
The Department of Defense has established an ultimatum for its contractors: increase their cyber defense, or we will not do business with you.
Laws and Regulations
NIST 800–171 and CMMC are the DoD’s response to significant compromises of sensitive defense information located on contractors’ information systems.
NIST 8000-171 is the standard methodology to assess contractor implementation of the cybersecurity controls and practices.
The CMMC (Cybersecurity Maturity Model Certification) version 1.0 was released on January 31, 2020. Version 4.0 is the latest public draft that establishes a tiered framework to measure a company’s processes and implementation of cybersecurity practices. (It describes specific criteria for risk management of the defense contractor.)
Totem Tech, a Cyber Security Specialist has put together an E-Book – Cybersecurity 101 for Government Contractors. You can download this e-book for free by clicking this link and using code “1PTAC2021” at checkout.