Deltek Invests in Cybersecurity and Compliance to Help Government Contractors Power Project Success

The last several years have seen notable increases in cyber incidents impacting companies, our government and everyday life. Nation-state cyberattacks are rising and bad actors are getting better at stealing sensitive data and IP. Almost every industry or sector from banks and hospitals to schools and government, has experienced a cyberattack. This cybercrime is predicted to cost the world $10.5 trillion annually by 2025.

In response to growing threats, nation-state cyberattacks, and the continued loss of sensitive information, the Federal Government needed better enforcement of cybersecurity compliance regulations for its supply chain- Government Contractors. The Cybersecurity Maturity Model Certification (CMMC) is a recent program designed to address the vulnerability of federal contract information (FCI) and controlled unclassified information (CUI) within the DoD supply chain.  In addition to CMMC, the other major compliance standards to be familiar with are:

• DFARS 252.204.7012 - Defense Federal Acquisition Regulation Supplement requires DoD contractors to provide adequate security for Covered Defense Information (CDI) by implementing NIST SP 800-171 controls and only leveraging Cloud Service Providers with FedRAMP Moderate equivalent security.
• NIST SP 800-171 – The National Institute of Standards and Technology is responsible for developing information security standards and guidelines, including minimum requirements for federal information systems.
• FedRAMP – Federal Risk and Authorization Management Program delivers a standardized approach for assessing cloud products and services used by federal agencies and government contractors.
• ITAR - International Traffic and Arms Regulations restrict and control the export of defense and military-related technologies to safeguard U.S. national security and further U.S. foreign policy objectives.

Investment in Global Information Security

However, meeting these regulations and compliance standards comes at a cost. Keeping up with evolving compliance requirements and security threats takes time and resources that may not be available to all organizations. That’s why Deltek has invested significantly in its information security initiatives over the last several years. Leveraging deep government contracting industry expertise, Deltek has built a robust security program to help support its customers in meeting their compliance requirements.

Deltek’s Chief Product Officer, Warren Linscott, oversees the Product Strategy Team that is responsible for delivering secure cloud solutions to government contractors of all sizes.

Deltek’s team of experts continuously monitors the changing regulations so that its customers can focus on running their businesses and successfully delivering on government contracts.

Consequences of Non-Compliance

There are several compelling reasons why it’s critical for government contractors to meet the requirements set forth by the respective government agencies, including but not limited to:

• Avoiding fines or penalties for non-compliance
• Avoiding lack of new contract eligibility for non-compliance
• Keeping the business and its customers safe from vulnerabilities
• Improving diversification and gaining a competitive advantage
• Maintaining a reputation of security & trust with prime contractors and the federal government

Being prepared helps government contractors keep up with market demand and can give them a competitive edge when bidding on new contracts.

Security in the Cloud

Deltek is dedicated to delivering and supporting cloud solutions that align with the needs of government contractors and their evolving compliance requirements. Our cloud offerings are designed to support the unique cybersecurity compliance requirements of government contractors:

• Deltek's GovCon Cloud (GCC) and GovCon Cloud Moderate (GCCM) environments have implemented NIST SP 800-171 controls to support minimum security requirements
• Costpoint GCCM has achieved FedRAMP Moderate Ready status, is listed on the FedRAMP Marketplace and supports cybersecurity compliance requirements for government contractors
• Costpoint GCCM has also implemented a cyber incident reporting program to support DFARS 252.204-7012 requirements
• Costpoint GCCM is hosted and supported entirely in the continental U.S. and has incorporated policies and controls to support ITAR export control requirements
• Deltek’s Replicon Enterprise Time Tracking Platform has achieved FedRAMP Low Authorization and is listed on the FedRAMP Marketplace

As compliance requirements and the threat landscape continue to evolve, Deltek, as a trusted partner, is committed to protecting your data by ensuring our capabilities meet the constantly changing security landscape. We are continuously adjusting our suite of products and services to support your cyber posture by increasing investment in security, compliance, and supporting technologies for our customers – easing and scaling the systems management for your teams.