November 22, 2016
4 things you need to know about new contractor requirements for classified networks
Source: Washington Technology, Dan Velez, October 27, 2016
Over the years, I’ve sought to provide practical perspectives on the National Industrial Security Program Operating Manual from the Defense Security Service. Known as the NISPOM, the manual serves as a repository of “must do’s” for Department of Defense (DoD) contractors supporting classified programs.
Given that the protection of classified information and tech systems remains an increasingly complex and constantly evolving challenge, DSS updates NISPOM as requirements shift.
In May, the most recent update was issued in what was called an “Industrial Security Letter” which summarized a number of new, minimum standards referred to collectively as “Conforming Change 2.”
The letter states that contractors cleared for work involving classified information must establish and maintain a program “to detect, deter and mitigate insider threats.” The letter mandates the monitoring of user activity on classified information systems. For example, to track “activity indicative of insider threat behavior.”
User monitoring and other measures now have emerged as requirements – not recommendations – to pursue this line of business with the government. READ MORE….
Contact your nearest PTAC to learn more about government contracting opportunities.
For help with Government Contracting: contact your nearest Procurement Technical Assistance Center (PTAC). Funded through Cooperative Agreements between the U.S. Department of Defense and state and local governments/institutions, PTACs provide free and low-cost assistance in virtually all areas of government contracting.