Draft Research- DoD Compliance and IT Infrastructure
Organizations operating in diverse economic sectors must comply with the D.O.D-specific requirements within their I.T. infrastructure. One of the D.O.D. requirements they should comply with is the Defense Federal Acquisition Regulation Supplement (DFARS). DFARS comprises a set of cybersecurity requirements that contractors are called upon to meet to be deemed compliant with cybersecurity regulations (Procurement & Policy, 2013). One DFARS requirement is that the contractor establish a cybersecurity program composed of security control measures and processes directed toward data protection and preventing the system from unauthorized access, misuse, or destruction (Procurement & Policy, 2013). The other DFARS requirement that contractors should abide by is ensuring that all the personnel can easily access the D.O.D. systems or have been properly trained on security clearance measures. Get in touch with us at eminencepapers.com. We offer assignment help with high professionalism.
Furthermore, DFARS also outlines the need for contractors to implement a risk assessment and management system to identify, evaluate, and mitigate any risks that may arise in their interaction with the DoD systems and data. This makes them knowledgeable about the system’s various risks and the proper measures to adopt to combat these consequences (Toth & Toth, 2017). Another DFARS requirement is that contractors must develop and implement a plan focused on timely response to cyber-attacks and other incidents that may threaten the data being held within the DoD systems. Lastly, implementing an audit and accountability measure is also essential as it goes a long way in fostering the security of the DoD systems (Toth & Toth, 2017). The other DoD-specific requirement an organization must abide by is the National Institute of Standards and Technology (NIST) Special Publication (S.P.) 800-171 security controls.
The third DoD-specific requirement that organizations abide by concerning their I.T. infrastructure is the cybersecurity maturity model certification (C.C.M.) framework. Implementing CMMC is important because it prevents defence contractors from being hacked and losing sensitive defence information (Baikloy et al., 2020). According to the research done by the White House Council of Economic Advisers in 2018, it was established that malicious cyber-activity resulted in losses to the tune of $57 billion and $109 billion within one financial year (Baikloy et al., 2020). The aggregate loss emanating from the Controlled Unclassified Information (C.U.I.) within the DIB sector increases the risk to national economic security. Therefore, it is paramount for organizations to work with the DIB sector to enhance the protection of its C.U.I. networks.
Subsequently, adhering to these three compliance laws while conducting business on U.S. soil is important because it yields various benefits. One of the benefits that an organization stands to gain as a result of complying with these laws is that it serves to reduce the risk. Complying with D.O.D. requirements goes a long way in decreasing the risks by preventing possible events from negatively impacting the organization’s operations (Mustapha et al., 2020). For instance, the problem of loss of data can be easily prevented by ensuring that the backup is secured from any unexpected occurrences. Additionally, complying with these laws increases the efficiency of organizational operations. An organization’s bottom line can be enhanced by increasing revenues or decreasing costs (Mustapha et al., 2020). Based on these options, increasing revenues has been identified as a tough root requiring more effort; organizations should consider increasing their efficiencies to decrease operational costs. Accordingly, research has indicated that owning a comprehensive policy is important in increasing efficiencies.
References
Baikloy, E., Praneetpolgrang, P., & Jirawichitchai, N. (2020). Development of Cyber Resilient Capability Maturity Model for Cloud Computing Services. T.E.M. Journal, 9(3).
Mustapha, A. M., Arogundade, O. T., Misra, S., Damasevicius, R., & Maskeliunas, R. (2020). A systematic literature review on compliance requirements management of business processes. International Journal of System Assurance Engineering and Management, 11, 561-576.
Procurement, D., & Policy, A. (2013). Defense Federal Acquisition Regulation Supplement (DFARS), procedures, guidance, and information (P.G.I.). Subpart, 215, 11.
Toth, P., & Toth, P. (2017). NIST MEP cybersecurity self-assessment handbook for assessing NIST SP 800-171 security requirements in response to DFARS cybersecurity requirements. U.S. Department of Commerce, National Institute of Standards and Technology.
ORDER A PLAGIARISM-FREE PAPER HERE
We’ll write everything from scratch
Question
U.S. Compliance Laws Research
Submit a draft of research on DOD-specific requirements for an organization’s IT infrastructure and U.S. compliance laws that may affect the firm.