USG CYBERSECURITY
Ensuring the Security of Controlled Unclassified Information
Our Commitment
Infinite Electronics adheres to the US Government cybersecurity controls as defined in FAR 52.204-21 and DFARS 252.204-7012. These regulations impose requirements defined within NIST SP 800-171 Protecting Controlled Unclassified Information (CUI) in Nonfederal Systems and Organizations. Although Infinite Electronics already protects all forms of company, customer and supplier electronic data, additional controls are implemented for all government contracts as required.
What is the Requirement?
NIST SP 800-171 documents cyber security requirements within the following Security Control Families:
|
|
Our Approach
Infinite Electronics has evaluated all forms of information described in the CUI Registry and determined that the only applicable information that is transmitted to us or held within our systems is the CUI related to our military ITAR programs and the Federal Contracting Information (FCI) associated with government contracts for any commercial product requiring unique design and manufacturing. This does not include standard Commercial Off the Shelf (COTS) items or COTS variants.
For Non-COTS items, Infinite Electronics has been reviewing our cybersecurity controls to ensure successful adoption of the Department of Defense’s Cybersecurity Maturity Model Certification (CMMC) requirement which is set to be released in the coming months. CMMC Level 2 certification will be applied to our ITAR environment and CMMC Level 1 self-attestation will be applied to our FCI environment. This will take place within the federally dictated time frames as they are released.