ANSWER FROM THE CYBERSECURITY EXPERTS:
Yes! Full compliance with NIST 800-171 is required by December 31, 2017. Department of Defense (DoD) contractors must notify the DoD CIO within 30 of contract award of any security requirements not implemented at the time of contract award.