Cybersecurity Rules Under FAR & DFARS: Protecting Unclassified Information
In 2020, the U.S. Department of Defense (DoD) implemented a cybersecurity assessment requirement that requires contractors to have assessments of their compliance with the security requirements contained in NIST SP 800-171 and to submit a report on that assessment. DoD has stepped up the verification requirement with its Cybersecurity Maturity Model Certification (CMMC) program. Both of these efforts at requiring contractors to asses and certify their compliance with NIST SP 800-171 were driven, in part, by DoD's conclusion that contractors were not consistently implementing the existing cybersecurity safeguards. However, noncompliance on the part of government contractors, particularly small businesses, may stem, in part, from a misunderstanding of the wide net cast by existing safeguarding regulations. So in this webinar, Mark Amadeo briefly provides an overview of cybersecurity rules under FAR and DFARS that apply to unclassified information.
You can view the webinar below. You can also download the presentation as a pdf (here) and listen to or download the webinar as a podcast (here).
To see other GovCon Webinars go here.