The Department of Defense (DoD) is seeking comments on an interim rule to implement the Cybersecurity Maturity Model Certification framework and an assessment methodology as part of efforts to better protect unclassified data within the DoD supply chain and evaluate vendors’ implementation of cyber requirements. DoD introduced the interim rule as an amendment.
Read More »DoD Seeks Public Comments on Guidance for Unclassified Information
The Defense Department has requested public insight on its draft procurement guidance that requires the adoption of a National Institute of Standards and Technology rule that safeguards controlled unclassified information in non-federal systems and organizations. The Defense Acquisition Regulations Systems said in a Federal Register notice posted Tuesday DoD drafted …
Read More »DoD Gives Extension for Vendors to Implement NIST Cloud Security Requirements
The Defense Department has issued an interim rule that amends a provision in the Defense Federal Acquisition Regulation Supplement to enable contractors to implement National Institute of Standards and Technology security requirements through Dec. 31, 2017. A notice posted Wednesday on the Federal Register indicated that the extension is in response …
Read More »NIST Issues Final Guidance on CUI Protection in Nonfederal Systems
The National Institute of Standards and Technology has finalized its guidance on how to implement measures to protect sensitive federal information in the hands of government contractors. NIST said Friday it worked with the National Archives and Records Administration to develop the “Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations” (NIST Special …
Read More »