Reading Between the Lines of NIST SP 800-171 Rev 2 and 800-171B Drafts

| | DFARS
On June 19th, the National Institute of Standards and Technology (NIST) released the much anticipated Rev 2 of SP 800-171 and the working draft of supplement SP 800-171B. As the core part ...

How We’re Making DFARS Compliance Affordable and Efficient

With the Department of Defense (DoD) making DFARS compliance a requirement for all contractors doing business with the DoD, a great amount of stress has been put on DoD contractors to comply ...

The CMMC – A Palatable Enforcement Solution to DFARS Requirement?

My colleagues and I have been warning about the Department of Defense’s (DoD’s) looming enforcement of DFARS clause 252.204-7012 for a while now, as many Tripwire customers handle government CUI. Inevitably, we ...

What To Expect From The Imminent Revisions To Two Of NIST’s Most Popular Frameworks

While the NIST Privacy Framework may be the headliner for the most anticipated new publication from the National Institute of Standards and Technology, there are two imminent revisions that security teams are ...

DFARS Cybersecurity Audits: What to Expect

| | DFARS
It’s getting real – the government is moving from self-reported compliance to external audits of a company’s cybersecurity posture: drilling deep to evaluate that company leadership fully understands their DFARS compliance measures ...

Department of Defense Launches First DFARS Compliance Audit

| | DFARS
The Defense Federal Acquisition Regulation Supplement (DFARS) mandate, specifically Clause 252.204-7012 requiring all members of the Department of Defense’s supply chain to comply with NIST SP 800-171 is nothing new. For a ...

National Cyber Strategy Signals Changes To DFARS Mandate

| | DFARS
As of December 2017, any member of the Department of Defense supply chain needed to implement the NIST Special Publication (SP) 800-171 to be compliant to Defense Federal Acquisition Regulation Supplement (DFARS) ...