If you have, or are downstream of, a government contract, the days of indifference about NIST 800-171 compliance are ending. The Department of Defense has begun enforcing cyber regulations on contractors to protect important data, including CUI (Controlled Unclassified Information). Not only that, but they have been sending out memos with further, and more in-depth, expectations.
Here are two recent articles about the crackdown and rising expectations:
- DoD Continues to Up the Ante on Cybersecurity Compliance for Contractors
- DoD tightens enforcement of cyber regulations on contractors to protect data
Unfortunately, playing the odds of a governmental audit (thinking it will never happen to you), will not work either. It’s not just the government you need to be concerned about. As the regulations become increasingly scrutinized, and your customers’ contracts become reliant on strict cybersecurity practices, they will certainly want to be assured that all their suppliers are compliant as well. Either way, a government auditor or inquisitive customer will be requesting proof of your compliance in the near future.
If you don’t know yet what NIST compliance means for you, take a look at these blog posts we wrote for you on the topic:
If you need some help achieving IT compliance or checking whether your IT security measures are comprehensive enough, outsourcing a cybersecurity audit can be your best option. We would love to help you with that! Reach out to us today.