AIA has a long-standing Cyber Security Steering Committee (renamed Cyber Security Committee (CSC)) and Industrial Security Committee (ISC) both of which were recently moved from AIA’s Technical Operations and Workforce division to the National Security Policy division.
AIA has been at the forefront of industry concerns with the DoD’s release of the 26 Aug 2015 Interim Rule (DFARS Case 2013–D018). Implementation of the Interim Rule was immediate and caused industry, primes and suppliers alike, to realize the implications within the multitude of changes in the National Institute of Standards and Technology (NIST) Special Publication 800-171 (NIST SP 800-171). On 30 Dec 2015, DoD released a second interim rule which provides some additional updates restated the implementation timeframe from immediate, to requiring compliance by 31 Dec 2017.
AIA is currently engaged in a dialogue with the DoD and other involved federal agencies in an effort to find acceptable implementation practices to the more difficult controls listed in the NIST SP 800-171. The end-goal being the development of a NIST SP 800-171 implementation guide. AIA expects the final rule will be published later this Fall.