Cybersecurity, Privacy, & AI

Trending Now

Daybreak Is OpenAI’s Answer to the AI Arms Race in Cybersecurity • Cyber Operations Aren’t Slow — Our Thinking Is • ‘No Time to Waste’ in Prepping Governments for AI Cyber Threats, Top Dem Lawmaker Says • ‘Insatiable Appetite’ for AI: Maven Usage Surged for Strikes on Iran, Pentagon AI Chief Says • Navigating Automation, Robotics, AI, and Data in a QMSR-Driven Manufacturing World

Published on April 13, 2022 • Cyber

Show Me Your SSPs: DOD to Begin Requesting and Assessing Contractors’ System Security Plans

Den Rise | Shutterstock

At a recent Town Hall Meeting hosted by the CMMC Accreditation Body, a Defense Contract Management Agency representative announced that they will begin assessing contractors’ compliance against NIST SP 800-171 security controls through the “Medium Assessment” process that the DoD prescribed in the interim rule that created Defense Federal Acquisition Regulation Supplement (DFARS) 252.204-7020. In a Medium Assessment, the Government reviews the contractor’s current documentation (primarily the System Security Plan) and the contractor’s previous self-assessment, which contractors were required to complete by November 2020. The representative explained that he expects these assessments to begin in “a couple months.”

Source:

Wiley: Show Me Your SSPs: DOD to Begin Requesting and Assessing Contractors’ System Security Plans

Stay compliant and protected with daily updates on cybersecurity, data privacy, and federal oversight with our Cyber & Privacy newsletter, delivering up-to-the-minute intelligence Monday–Saturday — Subscribe here.