Due to increased concerns about cyberattacks, any manufacturer, either an OEM or tiered supplier, contractually doing business with the Department of Defense (DoD), General Services Administration (GSA) or NASA must be compliant with defined cybersecurity requirements no later than December 31, 2017.
Join Polaris MEP, RI PTAC and SENEDIA as we welcome the subject matter expert in the area of Cybersecurity, and specifically DFARS, Pat Toth on September 19th at the Crowne Plaza in Warwick, RI.
Note: If you are unable to join us on the 19th, please register to join CONNSTEP, our sister organization in Connecticut, and CT PTAP (Connecticut Procurement Technical Assistance Program) on September 20th by clicking here:
Pat Toth is the Cybersecurity Program Manager at the NIST Hollings Manufacturing Extension Partnership (MEP). During her 26 years at NIST, Pat has worked on numerous documents and projects including SP 800-53, SP 800-53A, SP 800-171, SP 800-16 rev 1, and NISTIR 7621. Before she came to NIST, she served as a Cryptologic Officer in the U.S. Navy.
With Pat’s help we are working to increase area manufacturers’ awareness and understanding to help ensure compliance with the DFARS cybersecurity requirements that will apply to DOD contracts by December 31, 2017.
DFARS Cybersecurity Conference
No business is too small to be hacked. More than 70 percent of reported breaches actually affected businesses with 100 employees or less. Therefore, having a sustainable plan in place is critical to the survival of a small business because one cyber-attack can be catastrophic.
Some facts shared by the Michigan Manufacturing Technology Center help illustrate the severity of this issue:
Knowing this, government agencies are requiring their contractors to meet certain cybersecurity requirements. What may have been a “down the road” priority has become a “better do it now” priority for contractors nationwide including vendors doing business with the Department of Defense (DoD).
The requirements detailed by the National Institute of Standards and Technology (NIST) in Special Publication 800-171 include a compliance deadline of December 31, 2017– or risk losing federal contracts.
With the deadline fast approaching we’re finding most Rhode Island and Connecticut manufacturers, regardless of tier, aren’t even aware of the impending date or what they must do to comply.
The biggest thing to note is the DoD Chief Information Officer must now be notified within 30 days of contract award of any security requirements not implemented by the contractor at the time including cybersecurity compliance. In other words, if contractors don’t have proof of compliance, they risk removal from the approved DoD vendor list.
Polaris MEP has partnered with RI PTAC (Rhode Island Procurement Technical Assistance Center), SENEDIA (Southeastern New England Defense Industry Alliance), CONNSTEP (Connecticut’s Manufacturing Extension Partnership), and CT PTAP (Connecticut Procurement Technical Assistance Program), to bring you this important event.
Comments are closed.