Home / Acquisition & Procurement / DoD Gives Extension for Vendors to Implement NIST Cloud Security Requirements

DoD Gives Extension for Vendors to Implement NIST Cloud Security Requirements

cloud securityThe Defense Department has issued an interim rule that amends a provision in the Defense Federal Acquisition Regulation Supplement to enable contractors to implement National Institute of Standards and Technology security requirements through Dec. 31, 2017.

A notice posted Wednesday on the Federal Register indicated that the extension is in response to industry feedback on another DFARS interim rule issued in August.

The initial interim rule covered vendor compliance with cloud security requirements under NIST Special Publication 800-171 to safeguard defense information on contractor systems.

This latest interim rule also requires vendors to report unmet NIST SP 800-171 requirements to the DoD chief information officer within 30 days of the contract award.

According to the notice, public comments to the interim rule are due Feb. 29.

Check Also

Lead HHS Cyber Auditor Says Team ‘Well Aligned’ to Face Challenges

The head of cybersecurity at the Health and Human Services Department’s Office of the Inspector General recently said that he and his team are learning as much as they can about supply chain threats and application development security, to respond to such issues effectively, Federal News Network reported Friday. Jarvis Rodgers, HHS OIG Cybersecurity and IT Audit Division director, told Federal News Network via email that his unit is aware that risks related to global supply chains “present a unique set of challenges” and that poorly written code can result in costly and persistent security vulnerabilities.

Leave a Reply

Your email address will not be published. Required fields are marked *