Achieve NIST 800-171 Compliance in 3 Simple Steps
1. Assessment/SSP/POAM
We perform a detailed assessment of your current network and compare this with the cyber security controls required in NIST SP 800-171. We then prepare an SSP and POAM so that you can provide documented evidence to the DoD or your Prime that you’re on your way towards compliance. This step then serves as the basis for creation of the remediation plan.
2. Remediation
In this step the items called out in the POAM need to be addressed. Depending on the current state of your IT systems, this can be as simple as implementing multi-factor authentication and security awareness training or as complex as refreshing an entire aging infrastructure.
3. Compliance Monitoring & Maintenance
Ongoing advanced cybersecurity monitoring and incident response capabilities are required to remain compliant. If a cyber incident occurs you must notify the DoD through the DIBNet Portal (https://dibnet.dod.mil/portal/intranet/) within 72 hours. You must also constantly assess and maintain the NIST 800-171 controls over time as systems change and fall out of alignment.
Case Studies
How we’ve helped DoD Contractors across the U.S. comply with NIST 800-171
Wilcoxon Sensing Technologies
Wilcoxon Sensing Technologies is a leading supplier for high performance vibration monitoring and sensing solutions. Their top quality vibration sensors and accessories are trusted by OEMs, major manufacturers, and important organizations around the world including the Department of Defense. The DoD has a cyber security requirement (DFARS 252.204-7012) based on the NIST SP 800-171 controls for all suppliers to comply with in order to continue doing business with them. Learn how SysArc helped them become compliant…
Newark Wire Cloth Company
Newark Wire Cloth Company (NWC) is a small manufacturer that specializes in wire cloth filters based in Newark, New Jersey. They weave these filters in order to provide vital tools in the aerospace industry and military aviation. NWC’s prime contractor required them to become compliant to continue being a supplier due to the DFARS regulation and its flow-down clause. Learn how SysArc helped them become compliant…
DoD Contractor Cyber Security Resources:
Read our publications on NIST 800-171 Compliance
-
DFARS Interim Rule – 5 Key Takeaways to Be Aware of Now
On September 29, the Defense Acquisitions Regulation System released a new Interim Rule to supplement current DFARS regulations. While the Department of Defense is working... Read more →
Encrypted Email & File Sharing Solutions for CMMC Compliance
SysArc’s primary aim is to provide DoD suppliers with Cybersecurity Maturity Model Certification (CMMC) readiness services and solutions, which is why we have dedicated our... Read more →
Reporting Cyber Incidents with the Department of Defense
This guide was written to help DoD contractors and subcontractors quickly understand what is required of them to take proper action after they either suspect... Read more →
What is “Adequate Security” for DFARS/NIST 800-171 Compliance?
We work with the Department of Defense (DoD) Contractors all over the United States and help them navigate the complexities of DFARS and NIST 800-171... Read more →
Controlled Unclassified Information (CUI) in DFARS/NIST SP 800-171
Broadly speaking, the U.S. Government defines Controlled Unclassified Information (CUI) as any information that requires safeguarding or dissemination controls pursuant to and consistent with applicable... Read more →
How to Create a System Security Plan (SSP) for NIST 800-171
The Department of Defense’s final guidance requires the review of a System Security Plan (SSP) in the assessment of contract solicitation during the awards process.... Read more →
How to Prove DFARS/NIST SP 800-171 Compliance in DoD Contracts
The U.S. Department of Defense (DoD) has released final guidance on assessing contractor compliance with NIST SP 800-171 during the contract award process. Based on... Read more →
Do Small DoD Contractors and Subcontractors Have to Comply with DFARS?
A common question that small DoD contractors and subcontractors have is whether they are subject to the requirements of the Defense Federal Acquisition Regulation Supplement.... Read more →
Pentagon To See DoD Contractor Cyber Security as a Competitive Advantage
The Washington Post has reported that The Pentagon has developed a new strategy to protect its supply chain from cyber crime and foreign interference. As well... Read more →