Government Contractor Requirements

Guidance to help your business comply with Federal government security requirements

DFARS Cybersecurity Requirements – Information for Department of Defense (DoD) contractors that process, store or transmit Controlled Unclassified Information (CUI) who must meet the Defense Federal Acquisition Regulation Supplement (DFAR). DFAR provides a set of basic security controls.
Manufacturing Extension Partnership

NIST SP 800-171 – provides requirements for protecting the confidentiality of CUI.
National Institute of Standards and Technology

SBIR.gov – The SBA supported Small Business Innovation Research (SBIR) and Small Business Technology Transfer (STTR) website has many resources for small businesses doing business with the Federal Government. Please check under “ANNOUNCEMENTS” for cybersecurity events. Check under “RESOURCES” for tutorials. Examples of cybersecurity events are programs to assist a small business in using the NIST Framework (NIST SP 800-171) and for understanding CMMC 2.0 requirements.

US Air Force CISO’s “Blue Cyber” Small Business Cybersecurity – From the Office of the Air Force CISO, “Blue Cyber” has training videos, presentations and memos for defense industrial base small businesses to help them align to cybersecurity best practices. The program includes an “Ask Me Anything” event on Tuesdays.

• Following The DFARS in Your Small Business Contract  – This video presentation will guide your small business through some of the requirements and cybersecurity procedures that need to be in place to protect sensitive DoD data and networks.
  Air Force Blue Cyber Education Series
• Small Business Needs Big Cybersecurity – This presentation will take you through the vital areas of cybersecurity collaboration for small businesses in the Defense Industrial Base (DIB).
  Air Force Blue Cyber Education Series