Tech Thursday: DFARS In Depth – Part 9: System and Information Integrity

For our final installment of the “DFARS In Depth” series, we’ll cover the last of the fourteen security requirement families in NIST SP 800-171 -- System and Information Integrity.

While you may have spent fantastic amounts of time and energy securing your systems, the requirements in this family remind us that security is an ongoing process, which requires constant monitoring and adjustment.

Tech Thursday: DFARS in Depth – Part 7: Risk and Security Assessment

As we continue our in-depth look at NIST SP 800-171 as it applies to DFARS, we will get into two important assessments that organizations need to make continually: risk assessment and security assessment.

As both your systems and threats against those systems continue to evolve over time, it’s important that you implement routine checks to make sure that you’re still secure and in compliance with regulations.

DFARS In Depth – Part 5: Incident Response and Maintenance

Our in-depth discussion of the DFARS security requirements as set out in NIST SP 800-171 continues with the next two security requirement families: Incident Response and Maintenance.

Both of these security families involve taking steps to make sure that the security infrastructure that you’ve put in place remains functional and responsive to new threats.

DFARS In Depth – Part 4: Identification and Authentication

To continue our discussion of the DFARS requirements of NIST Special Publication 800-171, this week we’ll discuss the Identification and Authentication security requirement family.

This requirement family covers how we verify that the users and devices connected to our systems 1) are who they say they are, and 2) should have access to what they’re accessing.

DFARS In Depth – Part 3: Configuration Management

To continue our discussions of the security requirements of DFARS and CMMC, this week we’ll be looking at the fourth security family in NIST SP 800-171: Configuration Management.

Configuration management is a set of practices that ensures that your systems and devices are configured correctly from the start, and that any changes made to their configuration does not affect the security of your systems.

Tech Thursday: DFARS In Depth – Part 1: Access Control

Recently, we looked at the new DFARS regulation for defense contractors, called the Cybersecurity Maturity Model Certification, and what your business can do to prepare for its implementation. As we mentioned, CMMC will be largely based on NIST SP 800-171, “Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations”. So, starting this week, we will examine each of the 14 security requirement families outlined in SP 800-171, and how your business can implement their requirements successfully, even in a small network.