From: Wiley Rein
WHAT: The Department of Defense (DOD) issued draft guidance for procurements that will require compliance with DFARS Clause 252.204-7012, Safeguarding Covered Defense Information, and implementation of National Institute of Standards and Technology (NIST) SP 800-171. The draft guidance includes a matrix of NIST 800-171 requirements that contractors and DOD agencies should prioritize when implementing NIST 800-171, and several approaches for DOD agencies to evaluate NIST 800-171 implementation during the source selection process. As discussed below, contractors should take note of four key takeaways from this draft guidance, and heed shifting expectations ahead of increasing scrutiny from agencies that are being pressed to more aggressively manage cyber risk.
WHEN: DOD issued the draft guidance on April 24, 2018, and comments are due by May 31, 2018. The draft guidance is open under DARS-2018-0023.
Leave a Reply