Compliance for Federal Contractors – NIST 800-171
The Department of Defense views cybersecurity as foundational to doing business with the DoD. The Department wants increased accountability for industry on cybersecurity. The U.S. Deputy Secretary of Defense (DOD) announced that the DOD would require all DOD contractors to meet higher cybersecurity standards, and would hold large contractors responsible for demanding that their subs do the same.1
The Department of Defense (DoD) requires all contractors that process, store or transmit Controlled Unclassified Information (CUI) to have met the Defense Federal Acquisition Regulation Supplement (DFARS) minimum security standards by December 31, 2017 or risk losing their DoD contracts. The compliance mandate to comply with NIST 800-171 goes beyond checkbox security to a thorough understanding of your threat landscape and comprehensive steps to mitigating the threats.
The NIST 800-171 guidelines helps ensure that agencies, their contractors and associated organizations handling CUI maintain protective controls around the systems that transmit, store and handle CUI data. Identifying, securing and managing systems that contain or transmit CUI data can be a daunting task. Learn more about the challenges with continuous compliance NIST 800-171 in this white paper.
Current State - What we know
Many months have passed since DFARS/NIST 800-171 requirement. NDIA research shows that many (smaller) contractors are struggling with the requirements. Primes are required to pass the requirement down to their subcontractors. This is a challenge for many primes.
In FY18 there were thousands of companies with contracts over $1M. These contracts are at risk if they do not comply with 800-171! Why is compliance with NIST 800-171 such a challenge?
Join us for a series of webinars that explains the challenges and shares quick tips for accelerating NIST Compliance
The ForeScout platform helps with 800-171 preparedness by automating and accelerating your path to compliance, reducing overall risk and maintaining and demonstrating ongoing compliance.
By providing visibility into devices connected to the network, ForeScout offers direct component support for over 50 of the 109 NIST 800-171 controls as well as supplemental support across over 90 controls. The ForeScout platform agentlessly detects devices as they connect to the network, automates simple and repeatable tasks, and infuses those elements into existing IT security and management services.
Learn more about how ForeScout helps federal contractors today to increase control of their Controlled Unclassified Information, and adhere to NIST 800-171 requirements with an agentless, easy-to-deploy and scalable solution.
Webinars - Challenges and Tips for accelerating NIST compliance.
Click on the circles below to view list of upcoming webinars:
DON'T BOIL THE OCEAN!
COMPLIANT WITH THE NIST 800-171?
SAVE YOUR CONTRACTS!
FORESCOUT & NIST 800-171
Don't Boil the Ocean
Hosted by: Gulfstream Cybersecurity
Presented By: Leo Sheridan, Federal & Systems Integrators, Exec Liaison
When: November 6
Topic: NIST 800-171 has over 100 controls. Learn how to focus on the most important controls and prepare to quickly comply with DFARS/NIST 800-171.
It's November. Are you compliant with the NIST 800-171?
Hosted By: ForeScout
Presented By: Leo Sheridan, strategist for federal agencies will provide a self-assesment to help you determine the gaps to complying with NIST 800-171.
When: November 15
Topic: 10 months after the mandate to comply with NIST 800-171, many primes and subcontractors admit the underestimated the cost of implementation.
Understand and comply with DFARS & NIST 800-171
Hosted By: ForeScout
Presented By: Michael Correa, strategist for federal agencies will provide a path to strengthening your System Security Plans.
When: November 29
Topic: Learn seven tips to quickly comply with NIST 800-171
Implementing NIST 800-171 with ForeScout
Hosted By: SANS
Presented By: James John, Senior Engineer with ForeScout
When: December 6
Topic: View a demonstration of how to use the ForeScout platform to identify gaps in your System Security Plan (SSP).
A quick review of how to simplify compliance with major regulations such as GDPR and HIPAA and frameworks such as NIST 800-171. The ForeScout Compliance Guide can help you power through your audit plans and improve the way you manage risk!
- Data Security Concerns – Data Breaches, Data Security, Securing Financial Networks, National Security Concerns, Protecting PHI, Protecting Card Holder Data
- Regulations – Continuous Diagnostics and Monitoring – Download the Solution Brief.
- FFIEC, GDPR and HIPPA Requirements – With 100% visibility, Continuous Monitoring and Orchestration, ForeScout helps meet all these requirements.
- Automated NIST 800-171 Compliance – ForeScout addresses 12 of the 14 NIST 800-171 families. Continuous Compliance with 800-171 White Paper | Solution Brief
- NYDFS 500 Compliant – ForeScout helps Financial Services with NYDFS 500 compliance. Solution Brief
- PCI-DSS Controls – Enabling Cardholder Data Security with ForeScout Solution Brief
Compliance Guide – Everything about your compliance needs.
Learn about data security and regulations within your industry, including how to continuously satisfy compliance requirements and simplify reporting.