Guidance to help your business comply with Federal government security requirements
DFARS Cybersecurity Requirements – Information for Department of Defense (DoD) contractors that process, store or transmit Controlled Unclassified Information (CUI) who must meet the Defense Federal Acquisition Regulation Supplement (DFAR). DFAR provides a set of basic security controls.
Manufacturing Extension Partnership
NIST SP 800-171 – provides requirements for protecting the confidentiality of CUI.
National Institute of Standards and Technology
Project Spectrum - The Department of Defense (DoD) Office of Small Business Programs (OSBP) initiated Project Spectrum as a comprehensive platform to provide the tools and training needed to increase cybersecurity awareness and maintain compliance in accordance with DoD contracting requirements. NOTE: the resources offered through Project Spectrum are free but require a one-time registration and subsequent login to access the resources.
SBIR.gov – The SBA supported Small Business Innovation Research (SBIR) and Small Business Technology Transfer (STTR) website has many resources for small businesses doing business with the Federal Government. Please check under “ANNOUNCEMENTS” for cybersecurity events. Check under “RESOURCES” for tutorials. Examples of cybersecurity events are programs to assist a small business in using the NIST Framework (NIST SP 800-171) and for understanding CMMC 2.0 requirements.
US Air Force CISO’s “Blue Cyber” Small Business Cybersecurity – From the Office of the Air Force CISO, “Blue Cyber” has training videos, presentations and memos for defense industrial base small businesses to help them align to cybersecurity best practices. The program includes an “Ask Me Anything” event on Tuesdays.
Office of the Air Force CISO