Scott Nicholas
Exostar has updated its risk management service offered to defense contractors in an effort to meet a cybersecurity compliance mandate from the Defense Department.
The service now includes a questionnaire that works to guide defense contractors through more than 100 information security controls in the National Institute of Standards and Technology‘s Special Publication 800-171, Exostar said Wednesday.
Non-deviation from NIST SP 800-171 controls is required under the Defense Federal Acquisition Regulations Supplement 252.204-7008, which set the deadline for compliance in December 2017.
DFARS also requires contractors and their partners to submit a gap analysis and action plan to the DOD chief information officer within 30 days of the award.
Vijay Takanti, Exostar vice president of security and collaboration solutions, said the updates to its risk management service look to address compliance challenges that defense contractors face through modifications in the subcontractor and supplier evaluation process.
Exostar said Raytheon, Boeing, Lockheed Martin and BAE Systems have expressed their plans to use the risk management service to support their cybersecurity compliance and risk assessment needs.
