Skip to the main content.

1 min read

DFARS NIST Compliance Requirements: What Government Contractors Need to Know

Today’s government contractors face many challenges to remaining competitive and innovative while managing advanced information technologies and maintaining regulation compliance. Among those challenges is the increased risk of cyberattacks by nation states and other hackers who focus on contractors instead of federal government agencies. Last year, Chinese hackers carried out a cyberattack and gained sensitive and secret data about supersonic anti-ship missiles — information that was not correctly stored and protected by a Navy contractor in accordance with Defense Federal Acquisition Regulation Supplement (DFARS) standards.

DFARS has mandated minimum security standards in the National Institute of Standards and Technology (NIST) Special Publication 800-171 “Protecting Controlled Unclassified Information in Non-Federal Information Systems and Organizations.” Companies that deal with controlled unclassified information (CUI) must comply with NIST 800-171, created specifically for non-federal information systems to secure government data.

If your company processes, stores or transmits federal contract information, you must provide evidence of security protections and compliance or risk the loss of contract awards and the ability to compete for future awards. If you are a government contractor or subcontractor, you must demonstrate “adequate security” as specified by NIST 800-171 and have cyber-incident policies and procedures in place that meet the DFARS requirements.

Valeo Networks has been NIST 800-171 compliant since December 2017.  Achieving NIST 800-171 compliance requires a thorough assessment of networks and procedures to address appropriate security policies. Saalex continues to evaluate its networks, procedures and processes to ensure we maintain compliance, demonstrating our commitment to security for our customers and ourselves. If you have questions about the NIST requirements, the NIST website and manufacturing handbook can provide guidance here.

If you need help in securing your data for NIST compliance, contact Valeo Networks for a free compliance assessment.

What Type of Firewall Should Your Company Have in Place?

What Type of Firewall Should Your Company Have in Place?

Whether you are a healthcare or a non-profit organization, securing your IT network should be at the top of your priority list. One of the easiest...

Read More
How CCPA & GDPR Affect Your Business’ Data Systems

1 min read

How CCPA & GDPR Affect Your Business’ Data Systems

The California Consumer Privacy Act and the European Union’s General Data Protection Regulation Affect the Data Protection Policies and Procedures of...

Read More
Data Breaches by the Numbers

Data Breaches by the Numbers

Think your company isn’t vulnerable to a data breach? The numbers might convince you otherwise. Verizon’s Data Breach Investigations Report states...

Read More