Hi there,
Get ready for the blending of Contract Compliance and Cyber Security Compliance. Over the next several months, you will begin hearing more and more about Executive Order 13556, which established the Controlled Unclassified Information (CUI) Program.
Both NIST and NARA have been working on guidelines around access to CUI that will eventually be incorporated into a FAR clause. This FAR clause will be designed to ensure that contractors implement security policies and procedures internal to their operations to protect any sensitive data they may access.
This FAR clause will not be limited to traditional "Cyber" companies and service providers, but ALL government contractors that have access to sensitive data, including accounting firms, management consultants, etc...
Now is the time to get educated, so stay tuned, as we will be tackling this topic more in-depth over the coming weeks.
Sincerely,
Kevin Lancaster
CEO, Winvale