Home > Legal Updates > Prepare for the future, succeed today: Current system security plan requirements

Prepare for the future, succeed today: Current system security plan requirements

With the recent passage of the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (“Reporting Act”), many within the cybersecurity profession are looking forward to a bright future. However, this future should not be blinding of the current obligations existing under the Defense Federal Acquisition Supplement (DFARS). These DFARS clauses already require contractors to incorporate the National Institute of Standards and Technology (NIST). Applying NIST SP 800-171, contractors are responsible in implementing three layers of Incident Response. Furthermore, a representative from the Defense Contract Management Agency (DCMA) reminded contractors of some of their other current legal obligations. Read more…