January 12 · Issue #18
The newsletter from Assurity Drive, the all-in-one military-grade cybersecurity solution for Department of Defense contractors. Assurity Drive covers DFARS 7012/NIST SP 800-171 and Cybersecurity Maturity Model Certification compliance and works for any company that needs military-grade security.
The new DFARS clause -7019 requires that contractors bidding on new DoD contracts (or exercising options in their current contracts) not only continue to conduct self-assessments based on NIST 800-171 controls but also report the results of their self-assessment to the SPRS (Supplier Performance Risk System).
The rule in the Defense Federal Acquisition Regulation Supplement (DFARS) requires defense contractors to undertake specific data security corrections through the DoD’s Basic Assessment process, which are submitted to the Supplier Risk Management System. Additionally, defense contractors are required to have certification under the CMMC framework, which assesses security processes and practices.
This year has been one of nonstop growth — and nonstop growing pains — for the Department of Defense’s new contractor cybersecurity standards, the Cybersecurity Maturity Model Certification (CMMC). In a year fraught with painful change, supply chain cybersecurity has been no exception.
The Defense Department, worried about potential cybersecurity risks from its vendors, is in the midst of implementing a new supply chain security certification and announced the first pilots set for the coming year.
Based on the Department of Defense’s (DoD) data, the Defense Industrial Base (DIB) will, for the most part, be made up of contractors and subcontractors who need to meet basic cyber hygiene, or CMMC Level 1 – about 70%.
Need to learn more about CMMC?
Check out our free twenty-three-page whitepaper.
We have linked a twenty-three-page whitepaper below that thoroughly describes this current issue of security and compliance.
Note that plenty of citations are at the end of the newsletter, so you can fact-check everything for yourself to understand how critical the timing and your choices are for your business.
In 2020, big changes are coming. The DoD has issued a hard stop to contractors that are non-compliant with the CMMC, to avoid the Trojan Horse of risk and liability in its supply chain.
The Assurity Group, LLC Team