Cybersecurity Self-Assessment Tool Released for Small and Medium Sized Businesses

On August 26, 2015, DoD published a rule amending the Defense Federal Acquisition Regulation Supplement (DFARS).  Subsequently, on December 30, 2015, DoD provided notice that both large and small contractors would be given more time – until December 31, 2017 – to comply with the rules.  Until that time, however, contractors still would be required to document both their cybersecurity shortcomings as well as their progress toward full compliance with NIST rules.  According to the DFARS, in order to qualify for DoD contracts, businesses would not be allowed to have any security system gaps when full compliance with the NIST guidelines becomes mandatory on December 31, 2017

NIST Releases Baldrige-Based Tool for Cybersecurity Excellence


Comments Sought on Draft Guide to Enhance Cybersecurity Framework

September 15, 2016