Not complying with these regulations as of December 31, 2017 puts you at risk of losing current and future DoD contracts.
Under the Defense Federal Acquisition Regulation Supplement (DFARS), Department of Defense contractors and subcontractors must comply with a cybersecurity program.
To comply with DFARS, contractors must address numerous clauses, including:
252.204-7008: Compliance with Safeguarding Covered Defense Information Controls
252.204-7012: Safeguarding Covered Defense Information and Cyber Incident Reporting with the Application of NIST SP 800-171 controls
What is NIST SP 800-171?
NIST SP 800-171 applies to Controlled Unclassified Information (CUI) for non-federal systems
Based on NIST SP 800-53 Security and Privacy Controls for Federal Information Systems and Organizations
14 security control families
110 security controls
The best time to prepare for a cybersecurity incident is before it happens. Effective recovery requires a well-tested plan and a certified team of professionals.
Leverage our Proven Process Package and ISMS/ISO 27001 subject matter expertise to gain ISO 27001 certification.
Is your business required to comply with GDPR as defined by the EU Commission? Do you sell products or services to organizations with citizens residing in the EU?
Do you have a contract from the Department of Defense? Our NIST-based framework allows our clients to identify and prioritize the protection of Controlled Unclassified Information (CUI).
A PCI Assessment will provide a comprehensive foundation for PCI compliance.
SOC2 & 3
SOC 2 or 3 is an auditing procedure that ensures your service providers securely manage your data to protect the interests of your organization and the privacy of its clients.
Range of HIPAA security, privacy, and breach notification audit services to help our clients identify and prioritize compliance needs.