When it comes to hot topics in federal contracting for 2017, cybersecurity is at the forefront, and no company, small or large, can afford to ignore what is happening in the world. If you are doing business with the federal government, you must act now to get your team and any subcontractors ready to comply with the new cybersecurity regulations taking effect on Dec. 31st, 2017.
Cyber threats pose a significant risk not only to your business but also to your customers, suppliers, prime contractors, and subcontractors. Hackers may even use your company to penetrate higher-value targets you do business with, such as the federal government. The Department of Defense is taking preventive steps by issuing specific requirements for all its vendors, which will take effect at the end of 2017. It’s entirely possible that other agencies will eventually follow suit.
So what should you do to protect your business from cyber threats? How can you prepare your team for the new cybersecurity regulations? One of the biggest challenges for contractors trying to learn about cybersecurity is how to wrap their heads around the massive amounts of information, training, and resources that now exist from government agencies, private industries, and other entities. Where do you begin?
- A good place to start is by speaking with your local Procurement Technical Assistance Center (PTAC) to find out how the new regulations may impact your business and what resources and training are available to support you in this effort.
- Appoint a Cybersecurity Officer (CSO), Specialist, or Manager to take the lead and be responsible and accountable for ensuring that your business is both protected and compliant with federal regulations related to cybersecurity. If you are a one-person show, then make this another hat you wear.
- Educate your team. Have your CSO acquire and disseminate educational resources and training for your entire team, and make it a mandatory requirement for your personnel, especially anyone with an email account. A good place to begin is Govology’s on-demand course “Cybersecurity Compliance: Threats, DFARS, Requirements, Standards, and Assessments” presented by Michael Semmens of Imprimis, Inc. Ask your local PTAC for a promo code to receive free access to this training.
- If necessary, partner with an outside firm specializing in cybersecurity matters for government contractors. Your local PTAC may be able to connect you with knowledgeable and trustworthy cybersecurity professionals who can help you secure your business and ensure that you are compliant with federal regulations.