Doing business with the US Department of Defense requires the protection of Controlled Unclassified Information (CUI).
Government contractors who fail to protect the confidentiality, integrity, and availability of this information according to NIST 800-171 compliance standards, risk loss of existing contracts or the ability to remain competitive on future contract bids.
The DoD has made the National Institutes of Standards and Technology data security guidance NIST 800-171 requirements mandatory as of December 31st, 2017. The Totem team is in a unique position to understand the strict cybersecurity requirements (outlined in NIST 800-171 compliance) that the DoD has placed on their contractors and sub-contractors—we execute DoD contracts ourselves. Our NIST 800-171 compliance and security assessment tools coupled with training will help lead your organization toward compliance. Our Cybersecurity Planning Tool can organize the reports that help navigate a government-mandated audit.
To ensure contractors don’t become a cybersecurity risk themselves, the DoD is requiring contractors to focus more on risk management and meet certain cybersecurity NIST 800-171 requirements developed over many years by the National Institute of Standards and Technology (NIST). This includes standards for authorization, risk assessment, continuous monitoring, and cybersecurity training practices. NIST 800-171 requirements for government contractors are broken down into 14 compliance families.
These families contain over 100 individual requirement statements, which translate into over 680 required actions on the part of a DoD contractor. If your organization currently executes a DoD contract, or plans on proposing to DoD contracts in the future, you need to start now to align the technical, managerial, and operational facets of your information system to the NIST 800-171 requirements. The NIST 800-171 Compliance Checklist of 14 required families is only the beginning of your NIST 800-171 implementation journey, our compliance software simplifies this daunting task.
Too Technical? Need Translation?
Totem’s Cybersecurity Planning Tool will help you stay organized with a full array of tools and status elements to provide evidence of compliance, status reports, and alert you to any problems within the 14 families, 109 Requirement Statements, and 688 Unique Required Actions for Contractors. Your compliance status is verified during an audit using Totem’s simple POA&M report generator. Abiding by the NIST 800-171 requirements gives you the ability to keep current contracts and makes you competitive when bidding on new ones.
There is more to cybersecurity compliance than checking off boxes on a lengthy list. Attaining regulatory compliance is offering organizations a false sense of security on many levels–not only as a result of the new threat landscape but also when we consider the ways in which emerging connected technology is being used. We will help you know what your organization needs in order to complete a full NIST 800-171 implementation and be compliant to industry regulations and, with proper assessments, we will show you where you are falling short and where to focus your efforts. Totem provides you compliance management services to ensure you meet your regulations .
The NIST 800-171 requirements for subcontractors are under the same stringent regulations as any other DoD contractor. It is advised that you require your subcontractors to adhere to the same guidelines that you do as the Prime Contractor. Your reputation and ability to keep your current contracts and stay competitive when bidding on new contracts depends upon whose company you keep and how they reflect upon your company. Totem’s Cybersecurity Planning Tool Enterprise License allows you to monitor your subs to ensure uniformity in your organization’s compliance.
We customize services based on your needs.
We currently execute multi-million-dollar DoD contracts and operate a ‘covered contractor information system’, so we are in your corner.
We’ve performed security assessments on dozens of systems—including our own network. As a result, we know how difficult it is to do a security assessment from scratch, or to try to learn how from a webinar or online tutorial.
We do what you do (or are attempting to do) every day. We will show you how it works for us then customize a plan to get your company up to speed. We are here help you get compliant to NIST 800-171 requirements now without the inflated costs of enterprise size cybersecurity companies. We provide military-grade cybersecurity for your budget. We are NIST 800-171 experts. Proper cybersecurity and NIST 800-171 compliance are much more than pretty packaging and eye-catching graphics. No offense, but don’t you want the best? Totem caters to small businesses so Totem will fit perfectly with your current business structure and it is customizable so it will grow with you. Totem can make this easy.