General Awareness

• Supplier Security Bulletins
• Publications
• Training and Education
• Resources

Supplier Security Bulletins

• SSB-003 – Urgent Security Patch Notice (PDF) - 01/26/2020
• SSB-002 - Counterfeit Security Systems (PDF) - 11/21/2019
• SSB-001 – Purchase Order Fraud – ask your buyer for a copy

Publications

• 2020 – DFARS SIB – Cyber Forensic Analysis (PDF)
• 2019 – DFARS SIB – Cyber Security and Compliance on Your Business Networks (PDF)
• 2018 – DFARS SIB - Protection of CDI (Covered Defense Information) (PDF)
• 2018 – DFARS SIB - Safeguarding Covered Defense Information and Cyber Incident Reporting (PDF)
• 2017 – Security Updates - SIB - Upcoming DFARS Requirements (PDF)
• 2017 – Security Updates - SIB - Preventing Business Email Compromises (PDF)

The following links are third party resources which can help your company get a broader understanding of the current security risks and how to mitigate them.

• March 2019 National Institute of Standards and Technology (NIST) Article: 5 Frequently Asked Questions Among Manufacturers about Government Cybersecurity Requirements
• 2018 FBI IC3 Internet Crime Report on Criminal Cyber-Attacks; Business Email Compromise, Extortion and Tech Support Fraud (PDF)
• Aug 2018 Deliver Uncompromised - MITRE report on elevating security to combat the security risks that affect the acquisition process
• Department of Homeland Security: Small businesses are targets for cyber-attacks
• Federal Bureau of Investigation tips and resources on protecting your family
• 2019 Symantec Internet Security Threat Report (PDF)
• 2018 Article from ASIS International titled How to Hack a Human - The threat of espionage and exploitation
• Malwarebytes is a resource defining different types of viruses

Back to top

Training and Education

• Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA)
  • Free resources for training and awareness including certificate programs
• National Institute of Standards and Technology (NIST)
  • Free Upcoming Training Events available to the general public
  • Manufacturing Extension Partnership (MEP) - for small to medium sized manufacturers
U.S. Small Business Administration (SBA)
• Training exercise provided by the SBA is an educational tool addressing the importance of protecting information within your business
• The National Counterintelligence and Security Center (NCSC) - Information and educational resources regarding Supply Chain Risks and Vulnerability’s
• Reports, Education and Additional Resources
• Posters, Brochures and Videos

Back to top

Resources

• Defense Logistics Agency Joint Certification Program (JCP)
• Joint Certification Program (JCP) Search


• Commercial and Government Entity Program (CAGE) Search
• NATO CAGE (NCAGE) Search


• DD Form 2345 MILITARILY CRITICAL TECHNICAL DATA AGREEMENT (PDF)
• DD Form 2345 Instructions


• Department of Defense (DoD) Executive Services Directorate Directives
• Department of Homeland Security (DHS) Critical Infrastructure Cyber Security - Resources relating to the cybersecurity framework
• The Information Technology - Information Sharing and Analysis Center (IT-ISAC) - A community forum for Information sharing between various companies regarding Cyber Security and current Cyber Threats
• The National Defense Information Sharing and Analysis Center (ISAC) - A community forum for information sharing between various companies, covering topics such as Physical Security, Insider Threat, Vulnerabilities and Threat Remediation
• Department of Homeland Security (DHS) - Critical Infrastructure Cyber Community Voluntary Program. Cybersecurity Resources for critical infrastructure, small and midsize business
• The Submarine Industrial Base Council

Back to top