On April 15, 2025, the Department of Defense (DoD) released official guidance on Organizationally Defined Parameters (ODPs) appearing in the newly published NIST SP 800-171 Revision 3. At the same time, the DoD reaffirmed that contractors must continue complying with Revision 2 thanks to a previously issued class deviation. What does this mean in plain terms? The DoD is slowly pulling back the curtain on the next major shift in cybersecurity compliance. Still, the full prestige hasn’t happened yet.
Continue Reading The “Prestige”: DoD Unveils NIST SP 800-171 Revision 3, Organizationally Defined Parameters
DFARS 252-204-7012
Feature Comment: The CUI Program: DOD, We Have a Problem
The U.S. Department of Defense’s Cybersecurity Maturity Model Certification (CMMC) Program will become operational at some point in fiscal year 2025. In October, the DOD issued a Final Rule to address evolving cybersecurity requirements and cyber threats while defining the security controls that DOD intends defense contractors and subcontractors to implement. The program will require…
Feature Comment: A Rule of Three: NIST Special Publication 800-171 Rev. 3—Finale or Punchline?
The third revision of NIST Special Publication 800-171 brings substantial changes across several key areas: the structure of control families has been expanded to better address new threats, individual security controls have been updated to enhance overall system security, and the criteria for tailoring these controls to specific organizational needs have been clarified, all in…
