New Context, a leading innovator in DevSecOps and cybersecurity research for highly regulated industries, shows how its cybersecurity assessment platform, LS/IQ helps companies prepare and build sustainable software infrastructure for DFARS NIST 800-171 compliance by giving them a DevSecOps roadmap.
The Department of Defense has announced that it will be requiring all of its contractors to comply with enhanced cybersecurity requirements. The Defense Acquisition Federal Regulation Supplement (DFARS) is intended to maintain and enforce the standards set by the National Institute of Standards and Technology (NIST). These regulations are an effort to address the security gaps we are currently facing in data security. The DoD’s Cybersecurity Maturity Model Certification (CMMC) is a certification program in which 3rd party assessors will validate contractor compliance within a multi-level model. However, the CMMC framework will not be available until 2020. So what can you do to prepare in the meantime?
New Context’s LS/IQ software will evaluate a company’s IT environment and provide a DevSecOps roadmap with a clear list of tasks to be completed in order to comply with the NIST and DFARs regulations. It evaluates the entire ecosystem of your organization including people, process and infrastructure. It builds an understanding of the ecosystem, applies security models and governance models to give your LS/IQ Score, which is a current measure of your security posture.
“Compliance requirements such as those required by DFARS can be overly burdensome to some DoD contractors building software,” said Andrew Storms, VP of Product, Security Services. “In some cases, just obtaining evidence of controls to auditors can take weeks and derail a company’s strategic vision. Our LS/IQ product was built to support companies that are building software and managing IT infrastructure to meet compliance requirements in a way which is sustainable over time.”
The risk of cybersecurity non-compliance is significant. If an audit determines a failure to meet the requirements of NIST 800-171, consequences may include criminal, civil, administrative, or termination of contracts. Failure to comply with cybersecurity requirements in your government contracts could even lead to serious FCA liability. By using LS/IQ, your organization can reduce risk and increase velocity, by building an organization that delivers software that is resilient, secure and compliant.
For more information about LS/IQ visit New Context.
About New Context
New Context, Inc. is the security innovator for highly regulated industries. Our products and consulting services enable global leaders in energy, government and across the enterprise to build, deploy and maintain Secure Compliant Data Platforms. The company is a leader in DevSecOps, open standards, advancing the development of STIX, TAXII and OpenC2 for security automation as a force multiplier for defenders.
New Context, Lean Security and the New Context logo are registered trademarks of New Context, Inc. All other products or names may be trademarks of their respective companies.