𝗧𝗛𝗜𝗦 𝗜𝗦 𝗡𝗢𝗧 𝗔 𝗗𝗥𝗜𝗟𝗟
𝗗𝗼𝗗 𝗵𝗮𝘀 𝗶𝘀𝘀𝘂𝗲𝗱 𝗮𝗻 𝗶𝗻𝗱𝗲𝗳𝗶𝗻𝗶𝘁𝗲 𝗰𝗹𝗮𝘀𝘀 𝗱𝗲𝘃𝗶𝗮𝘁𝗶𝗼𝗻 𝗳𝗼𝗿 𝗗𝗙𝗔𝗥𝗦 𝗰𝗹𝗮𝘂𝘀𝗲 𝟳𝟬𝟭𝟮.
𝗖𝗼𝗻𝘁𝗿𝗮𝗰𝘁𝗼𝗿𝘀 𝗺𝘂𝘀𝘁 𝗰𝗼𝗺𝗽𝗹𝘆 𝘄𝗶𝘁𝗵 𝗡𝗜𝗦𝗧 𝗦𝗣 𝟴𝟬𝟬-𝟭𝟳𝟭 𝗿𝗲𝘃𝗶𝘀𝗶𝗼𝗻 𝟮 𝗿𝗮𝘁𝗵𝗲𝗿 𝘁𝗵𝗮𝗻 𝘁𝗵𝗲 𝘃𝗲𝗿𝘀𝗶𝗼𝗻 𝗶𝗻 𝗲𝗳𝗳𝗲𝗰𝘁 𝗮𝘁 𝘁𝗵𝗲 𝘁𝗶𝗺𝗲 𝘁𝗵𝗲 𝘀𝗼𝗹𝗶𝗰𝗶𝘁𝗮𝘁𝗶𝗼𝗻 𝗶𝘀 𝗶𝘀𝘀𝘂𝗲𝗱.
This is good and bad news.
The good news is that the burden of implementing SP 800-171 revision 3 is delayed indefinitely.
Also, the disparity between DFARS 7012 requiring one baseline while CMMC assesses a different baseline is now avoided for the time being.
However, the bad news:
SP 800-171 revision 2 is an inferior standard and the incremental steps towards better security will be even slower.
The poor assumptions underlying SP 800-171 revision 2 and the gotcha nature of NFO controls during assessments are here to stay for a while.
I am honestly stunned that DoD published a class deviation before NIST SP 800-171 revision was published.
I'm floored that it's an indefinite timeline rather than 6, 12, or 18 months.
Incredible.
Senior Systems Engineer seeking a challenging opportunity in aerospace or C4ISR domains.
1yIs this a remote position or is relocation to TX required?