What is DFARS?
DFARS is a set of cybersecurity regulations that the Department
of Defense (DoD) now imposes on external contractors and suppliers.
DFARS stands for Defense Federal Acquisition Regulation Supplement. The Department of Defense uses it to protect confidential information.
Why is DFARS implemented?
Government employees and contractors are likely to be targeted by hackers and nation-states, so authentication solutions need to be resistant to phishing and account takeovers, and comply with federal regulations. DFARS provides a set of adequate security controls to safeguard information systems where contractor data resides.
What is DFARS compliance?
Under DFARS, DoD contractors and subcontractors must implement controls that are specific in the NIST SP 800-171. These requirements are set in place to protect controlled unclassified information in nonfederal information systems and organizations.
Types of cybersecurity threats in government
Two-thirds of more than 70 ransomware attacks in the United States in the first half of 2019 involved local and state government organizations.
The government sector is one of the top three sources of breached records.
Foreign governments, cyber activists, and email hackers have interfered with the apparatus of democracy, elections.
- Multi-factor authentication in the federal government
- Multi-factor authentication in the state and local government