Absolutely not! But like that famous ball in Times Square on New Year’s Eve, the clock is ticking down. It’s time to get in compliance with the upgraded cybersecurity standards outlined in the National Institute of Standards and Technology (NIST) Special Publication (SP) 800-171, “Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations.”

Federal government contractors need to meet these enhanced stipulations before the ball drops on Dec. 31, or they risk losing business.

Federal Contracts at Risk

If you haven’t already incorporated this higher level of security into your operations, you need to quickly assess which areas need more work to get up to speed. Then you’ll need to implement the necessary changes to demonstrate that your entire organization can meet the new requirements.

If you don’t take these steps immediately to bring your operations into compliance with these new IT regulations for safeguarding Controlled Unclassified Information (CUI), you may risk losing your federal contracts.

Most contractors regularly process, store and transmit these types of sensitive federal information in their IT systems as part of their role in delivering essential products and services to federal agencies. The government announced these plans in 2015 to strengthen protections to prevent data breaches.

Plan for Maintaining Compliance

While the end of the year is the deadline for meeting these new security requirements, it’s not the end of the process. Achieving compliance is only the beginning. Maintaining compliance is the ultimate goal. That’s why you need a plan of action for greater protection of sensitive data for the long haul.

These updated specifications do not represent a one-and-done situation. They’re the new reality. While you need to take steps to comply immediately, you also need to ensure your systems incorporate these IT best practices moving forward.

NIST SP 800-171 identified 110 security controls that are divided into these 14 categories:

1. Access Control
2. Audit and Accountability
3. Awareness and Training
4. Configuration Management
5. Identification and Authentication
6. Incident Response
7. Maintenance
8. Media Protection
9. Physical Protection
10. Personnel Security
11. Risk Assessment
12. Security Assessment
13. System and Communications Protection
14. System and Information Integrity

Crunch Time Is Here

We understand the importance of network security and data protection, and we’ll help you protect the federal information you need for your business’ critical operations.

We have IT support staff available to take your calls and answer your questions about this crucial change to your systems. We provide advisory, assessment and implementation services to help you meet NIST SP 800-171. But with the deadline for implementation looming, you can’t afford to wait any longer to contact us so we can help you maintain the government contacts your business needs to succeed.

Since 1995, Manassas Park, VA-based V2 Systems has employed local systems administrators, network engineers, security consultants, help desk technicians and partnering companies to meet a wide range of clients’ IT needs, from research, to implementation, to maintenance. Let V2 Systems handle the technology while you concentrate on your vision.