CUI

Cyber Security

The Federal Government depends on contractors like BCT to provide mission and business services. Because the security of these services depends on the information systems used by contractors, the Government has provided cyber security guidance to be followed by contractors on non-federal information systems.

BCT LLC complies with all of the DFARS requirements for Covered Contractor Information Systems or Covered Defense Information (CDI), which includes controlled technical information (CTI), export controlled information, critical information, and other information requiring protection by law, regulation, or Government-wide policy for unclassified information. Our assistance includes ensuring that your IT architecture and systems meet applicable security requirements and that you are postured to comply with the requirements for Cyber Incident Reporting.


Executive Orders

Executive Order 13556, Unclassified Information, established a government-wide standard for unclassified information.

Executive Order 13556, Unclassified Information, 4 Nov 2010

Executive Order 13636, Improving Critical Infrastructure Cybersecurity, established the Cybersecurity Baseline Framework, including policy, coordination, and privacy guidelines.

Executive Order 13636, Improving Critical Infrastructure Cybersecurity, 12 Feb 2013

NIST Standards

Nonfederal organizations that collect or maintain information on behalf of a federal agency or that operate or use information systems on behalf of a federal agency, must comply with the requirements in the Federal Information Security Modernization Act (FISMA), including the minimum security requirements in NIST FIPS Publications.

Federal Information Processing Standards (FIPS) Publication 199, Standards for Security Categorization of Federal Information and Information Systems

Federal Information Processing Standards (FIPS) Publication 200, Minimum Security Requirements for Federal Information and Information Systems

NIST Special Publication 800-53, Security and Privacy Controls for Federal Information Systems and Organizations

NIST Special Publication 800-60, Guide for Mapping Types of Information and Information Systems to Security Categories

NIST Special Publication 800-171, Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations, June 2015

NIST Cybersecurity Framework, Feb 2014


Not An Endorsement

References to Government publications and standards are provided for information purposes only and do not constitute or imply the Government's endorsement of our services or systems.