We understand that Federal Agency Cyber Security effectiveness and resilience is imperative to national security goals. We have a long history of providing Cyber Security advisement to the U.S. Government. Department of Defense (DoD) contractors have a responsibility to remain trustworthy partners to support contract fulfillment through effective DFARS compliance. But the clock is ticking. The December 31, 2017 deadline is closing in.
Any organization, contractor or subcontractor that holds or processes unclassified DoD data must ensure that they comply with the new DFARS clause 252.204-7012. Failure to be compliant will leave you in breach of contract and subject to criminal, civil, administrative, and contractual actions in law and equity for penalties, damages, and other appropriate remedies by the United States. It will also leave you open to civil actions for damages and other appropriate remedies by a third party that reports a cyber incident, as a third-party beneficiary of this clause.
Organizations working with the DoD are already used to applying stringent controls to systems that manage classified data, but with DFARS this now extends to unclassified systems that are owned, operated by, or for a contractor that process, store, or transmit covered defense information. This can have wide-reaching consequences for the contractor who now must extend security controls across a wider range of systems than in the past.
December 31, 2017 is coming fast and we want to make certain your DFARS compliant. We’ll assess your environment to help you construct a strategy for remediation as a result of a risk assessment and gap analysis outlining deficiencies to help you work towards becoming fully compliant.
Once the appropriate controls and documents are in place, we can help you with your remediation plan as well as monitor the controls for proper design and operating effectiveness going forward.
Contact us to get started immediately on your DFARS compliance needs for the December 31, 2017 deadline.