Approved for 1 GIAC CPE; Recommended for Acquisition Training
NIST SP 800-171 and DFARS Clause 7012 were implemented to establish structure and protection around the unclassified, but sensitive, information used by non-government organizations while executing their contract-related activities. This information may be exchanged prior to, during the conduct of, or as a product of these efforts. Meeting the NIST/DFARS requirements can be challenging for Small Businesses, especially those that may not employ their own information technology staff. Further, as these new requirements are being integrated, it is not always clear as to what constitutes protected data and whose responsibility it is to define and secure it. Join us for a brief discussion regarding the trials, pitfalls, and successes from the perspective of small business leaders who have undertaken this compliance challenge.