If you are a U.S. Department of Defense contractor, chances are you are already aware of the importance of providing adequate safeguards for DoD’s covered and unclassified defense information. At a minimum, those safeguards must meet the cybersecurity standards described in NIST Special Publication 800-171. DoD now requires all contractors to be fully compliant with their specific security requirements for each of the areas of vulnerability outlined by the NIST standards (800-171). But with the increased vulnerability of transactional, proprietary and sensitive data shared across a global supply chain, OEMs and other industries are beginning to embrace the idea of developing a unified set of information and cybersecurity expectations.
According to the recent article “Auto Industry Collaborates on New Cybersecurity Guidelines”, it was the devastating effects of commercial cyber terrorism throughout the auto industry’s supply chain that drove industry leaders to call for new strategies and best practices. In response to this collective desire for heightened and more uniform protective measures, the Automotive Industry Action Group (AIAG) recently released a guide for automotive trading partners. The AIAG’s publication, “Cyber Security 3rd Party Information Security”, details cybersecurity strategies that are based on the best practices and standards of NIST 800-53 and 800-171.
While the comprehensive implementation of increased cybersecurity measures can initially seem overwhelming for smaller businesses, the implications of side-stepping enhanced cybersecurity loom large for suppliers that want to remain competitive. There’s no time like the present to evaluate what measures may need to be taken to meet the standards of NIST 800-171 before the consequences of leaving your information assets (and those of your customer) exposed come back to bite you.