Tags National Institute of Standards and Technology (NIST)

DOD planning to use NIST 800-171 as evaluation criteria for contracts prior to CMMC rule

by

The NIST standards have been part of federal law for contractors for several years, but until now, contracting officers have been "lackadaisical" about enforcing them, said the head of DOD's CMMC program.

Defense R&D contractors inadequate in protecting sensitive data, IG says

by

Contractors that research and develop new technologies for the Department of Defense are not consistent in safeguarding the DOD’s controlled unclassified information, according to a new audit by the Pentagon’s inspector general. The watchdog reviewed the cybersecurity controls of 10 such contractors and found issues in how they used multifactor authentication, identified and mitigated vulnerabilities in their systems, encrypted systems and protected against users transferring controlled unclassified information (CUI) via…