The NIST Controls Awareness Training (NCAT) is a project geared towards equipping companies
with the knowledge necessary to make cost effective decisions on how to comply with DFARS
252.204-7012 via the NIST 800-171 security controls.
By not being in compliance with the 110 security controls outlined in NIST 800-171, a
company puts itself in danger of having contracts revoked and/or potentially exposing important
information and services to possible theft, manipulation, interruption, etc.
The training is divided into five primary sections:
Start the NIST Training
- Effects of Cybercrime on Businesses and Beyond - This module provides important details
on the impact of cybercrime on businesses and the interests of the United States.
- DFARS 252.204-7012 – This module gives an overview of key requirements outlined in the
clause and how they impact businesses moving forward.
- Getting Started with CSET – This module introduces the Cybersecurity Evaluation Tool
(CSET) and provides a step by step walkthrough on how it can be used. This is a free product
from the Department of Homeland Security (DHS) that provides a systematic and repeatable
approach for assessing the security posture of cyber systems and networks.
- NIST 800-171 Families – This module provides a breakdown of each control within the
14 families of NIST 800-171. This module will be used in collaboration with the CSET tool
to give companies a clear understanding of what a given security control requires.
- Recommendations and Tips – The final module gives key recommendations and tips for how
to manage the compliance process. It also points out how assessments are performed and
highlights guidance on how to structure important supplemental documents.