Can Your Contracting Business Afford to Become NIST 800-171 Compliant?

“$26,000,” he said. Then I asked the man how many employees he had – just 2. My fellow government contractor had just punched in a few numbers on a website forecasting

estimated costs for compliance to the new DFARS adoption of NIST 800-171 guidance on Cyber Security. “So much regulation, it’s like they want to run you out of business,” the man fumed.

Cyber Security is top of mind right now for Americans as both consumers and as business owners, but a lot of folks have a real fear that they cannot afford Cyber Security services.
After hearing this same sentiment a few times from prospects as I make calls to Federal Government contractors, I decided to make this post to address it.

Cyber Security. Yes, it involves technology. And yes, our analysts undergo extensive training, but NO – it doesn’t have to sink your business in costs either!

After we meet with our partners and present our findings and the associated path to correct any deficiencies, they’re rather surprised how affordable NIST 800-171 Compliance can be.

Your Cyber Solutions should be scaled to be right sized for your business and the government has given considerable leeway in this regard.

For example, did you know that your company could have a deficiency but be in compliance with NIST 800-171?

Or did you know that having effective Policies and Procedures in place are a great majority of the requirements of the NIST Instruction?

Or that we leverage your existing IT Infrastructure to implement changes in your network policies to get you compliant?

The Government does NOT want to shut out contractors due to NIST 800-171, but those who take a proactive approach to Cyber Security by bringing their company compliant – even if they just take care of the basics, will be much better off in the event of a Federal NIST Audit.

So no, a two-person business shouldn’t need to spend $30 grand to be NIST 800-171 compliant. A right-sized solution exists and no website will be able to adequately predict this cost accurately without a deep dive into your network.

I hope this post was able to give some encouragement to smaller businesses hoping to compete for DoD contracts while containing their costs. If you liked it, please give it a share.

Leave a Reply

Your email address will not be published. Required fields are marked *