DFARS Cybersecurity changes changes for FY 2024
Handling technical CUI using ‘adequate security’, meaning, meeting all the requirements of the NIST 800-171 version current on the date of contract signing. This includes implementation, maintenance and updating.
Contractual remedies to ensure compliance with DFAS clause
NIST SP 800-171 – failure to implement and or have a plan would be considered a material breach of contract.
DoDAM Scoring – check chart from slide but all sections aren’t scored equally.
System Security Plan Options
- DIY using NIST references
- Paying for contractors to come in 5k-35k
- Project Spectrum 9-week bootcamp 2.5k
- ACRMS self-paced video boot camp with MEP or apex accelerator $250