The Department of Defense’s DFARS Interim Rule mandates that defense contractors not only perform a self assessment based on NIST 800-171, but also report that score to the DoD. The Interim Rule, already in effect, also places responsibility for subcontractors’ compliance with DFARS, NIST and CMMC squarely on the shoulders of their contractors. This responsibility extends throughout all levels of the supply chain—not just to contractors’ direct suppliers. Yet it is widely acknowledged that many subcontractors are currently non compliant with NIST 800-171 controls. Clearly, to preserve their own competitiveness, primes and other contractors stand to gain from helping their subcontractors expedite their compliance journey.
In light of contractors’ increased responsibility to protect their supply chain, this brief focuses on PreVeil’s unique three-step solution for contractors to help their suppliers achieve greater levels of cybersecurity and compliance. This comprehensive approach offers uncompromised cybersecurity for handling CUI, and recognizes what it takes for a small to medium-size subcontractor to achieve full compliance.