Risk Based Approach to Addressing Cyber Attacks
Cyber threats are constantly evolving. They are becoming more sophisticated, targeted and sustained. According to research, approximately 60% of all attacks are aimed at small and medium-sized businesses (SMBs)—companies, that often times, have fewer resources to invest in cybersecurity.
As a result, cybersecurity is getting a lot of attention. Businesses and government alike share grave concerns about these risks. In fact, all organizations who provide services through contracts with the Department of Defense (DoD), are required to document and affirm their compliance with the DFARS 252.204-7012 cybersecurity requirements—requirements that were put in place for all DoD contractors at the end of the 2017.
Begin Your Journey to Compliance Today
For more information about emerging cybersecurity threats and compliance requirements please refer to the free resources provided below. If you’re interested in speaking with someone about more in-depth and customized cybersecurity solutions, please contact us today.
Free Cybersecurity Resources
Changing the Game on Cyber Risk
To assist you with your compliance initiatives to the new DoD requirement, we offer a complete Cybersecurity Toolkit, complete with downloadable materials. The IES Cybersecurity Awareness Toolkit is designed to provide the materials you need to understand the requirements, document your compliance, and train your employees on cybersecurity awareness.
A Cybersecurity Toolkit for Government Contractors and Other Industry Sectors
Discover and learn about the 14 cyber security concepts that can be incorporated into your implementation plan to help secure your business and enable you to enter or continue DoD contracts by meeting the NIST 800-171 requirements. Concepts can be applied across all industries and sectors and are not limited to DoD contractors.
Get Actionable Results. This toolkit provides multiple training materials to share with employees and a variety of cybersecurity tools to assist in moving forward toward compliance.
Now the toolkit includes the NIST 800-171 Compliance Planning Tool
To get started today, access our free Toolkit here.
How You Benefit
- Develop a foundational awareness regarding the cyber risks associated with your business.
- Identify the cybersecurity requirements for all Department of Defense sub and prime contractors.
- Access to tools that you can start using immediately to track and plan for your compliance efforts.
- Access to cybersecurity awareness training materials for use in your employee awareness and training campaigns including animated videos, flyers and pocket cards.
This toolkit features video lectures contributed by Industry Expansion Solutions, the NC Manufacturing Extension Partnership, the NC Military Business Center, and the Laboratory of Analytic Sciences at NC State University. These videos and additional resources provide you with an understanding of compliance requirements, risk and potential impact on business should you encounter viruses, ransomware, breaches and other cyber attacks.
Also included is the NIST 800-171 Compliance Planning Tool.
A complete gap assessment, planning and documentation tool for NIST 800-171 compliance
The North Carolina Manufacturing Extension Partnership (NCMEP) team has created a cybersecurity compliance planning tool to help you move towards compliance. The tool is presented as a Microsoft Excel Workbook so it can be a living document that can be updated as you progress in achieving NIST 800-171 compliance. This workbook is designed to serve as a gap assessment, planning and documentation tool for NIST 800-171 compliance.
The cybersecurity compliance planning tool contains separate worksheets that address the security controls within each of the 14 families of NIST 800-171 requirements. All 101 security requirements are addressed in this tool. Each worksheet contains:
- The NIST 800-171 security requirement within that family.
- The NIST 800-53 method of control that applies to the security requirements.
- Implementation support for the security requirements.
- A compliance column to indicate whether or not you are in compliance with each security requirement within that family,
- A documentation column for use in entering locations of supporting evidence of compliance, dates of compliance, or planned compliance initiatives in progress.
Disclaimer: NC State Industry Expansion Solutions (IES) does not mandate or prescribe a particular cybersecurity plan. The materials in this toolkit and the related links are provided as examples that small businesses and manufacturers may find helpful and use at their option. They are not intended as and do not constitute legal advice and should not be acted on as such. You are solely responsible for ensuring compliance with the laws and regulations of your specific administrating bodies.