Concerns over cybersecurity are rising to the top of the agenda for every government agency. Pressures are increasing on agencies to improve protection of federal information and data. Due to these concerns, agencies are taking initiatives to require contractors to implement cyber safeguards. These new requirements are appearing in solicitations and contracts, and as flow down terms. Companies that want to win contracts need to understand how the federal government expects its contractor’s to establish and maintain a cybersecurity posture to defend against and respond to cyber threats.

For companies like Quality Associates, Inc. (QAI) who receive, process and store sensitive customer data, information security is paramount.  We focus on every aspect of protecting our clients’ material both in its’ physical format as well as digital. Attaining and maintaining the levels of security required by our customers is part of doing business and in our opinion is the only way to do business.

The information in this brief will help to explain Controlled Unclassified Information (CUI)—what it is and why it needs to be protected, NIST 800-171 compliance, SPRS Supplier Risk Score attestation and DoDs’ CMMC cybersecurity compliance.