Skip to main content
U.S. flag

An official website of the United States government

Dot gov

The .gov means it’s official.
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.

Https

The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

New Cybersecurity Resource Created for Manufacturers

NIST Manufacturing Extension Partnership (MEP) is pleased to announce the publication of NIST Handbook 162 "NIST MEP Cybersecurity Self-Assessment Handbook For Assessing NIST SP 800-171 Security Requirements in Response to DFARS Cybersecurity Requirements.” The Handbook provides a step-by-step guide to assessing a manufacturer’s information systems against the security requirements in NIST SP 800-171 rev 1.

By December 31, 2017, defense contractors are required to be in compliance with Defense Federal Acquisition Regulation Supplement (DFARS) clause 252.204-7012, “Safeguarding Covered Defense Information and Cyber Incident Reporting.”  The clause specifies that all Department of Defense contractors and sub-contractors that process, store, or transmit Controlled Unclassified Information must demonstrate adequate security by, at a minimum, implementing the NIST SP 800-171 security requirements.

In addition to helping defense contractors comply with DFARS, the Handbook may also be useful for other manufacturers interested in applying the NIST SP 800-171 security requirements, including those seeking to comply with the Controlled Unclassified Information Federal Acquisition Regulation (FAR) clause.  Additionally, manufacturers operating in commercial supply chains may consider implementing the NIST security requirements as an integral aspect of managing their organizational risks.

The MEP National NetworkTM has been active in providing awareness and assistance to help U.S. manufacturers protect their information assets from the risks of cyberattacks. MEP Centers can provide valuable assistance to small manufacturers seeking reduction of their cyber risks and DFARS compliance.

Learn more about the MEP National Network and download a copy of the Handbook here

Released November 29, 2017, Updated May 22, 2018