InfusionPoints' Recent Blogs

Authored by: Gary Daemer
DFARS/NIST compliance is hard We are hearing more and more from our customers every day that they are being required to attest to their DFARS compliance status and all indicators are that these requirements are continuing to expand to civilian agencies as well. The most common NIST SP 800-171 security control requirement gap we find with our customers is the lack of a security operations capability.
Authored by: Gary Daemer
On April 24, 2018, the Department of Defense (DoD) issued a Notice and Request for Comment on draft guidance for procurements that require contractors to meet security requirements outlined in NIST SP 800-171*. The proposed guidance, provides an approach to assessing the contractors’ System Security Plans (SSPs) and Plans of Action and Milestones (POA&M).  The approach focuses on the security requirements that are not yet implemented. This…
Authored by: Jason Shropshire
Note: This is part 4 of a multi-part series. See the links below for other topics in the series.
Authored by: Jason Shropshire
Note: This is part 3 of a multi-part series. See the links below for other topics in the series. Today we will address questions around handling and classification of the FedRAMP System Security Plan (SSP) and other documents that are included in the FedRAMP Package. This will be closely related to the next topic regarding the protection of this data. 

Let us know how we can help with your Cyber Security Challenges

Contact Us