Protecting your Controlled Unclassified Information (CUI)
Our NIST 800-171 assessment focuses on the protection of controlled unclassified information (CUI) in nonfederal systems and organizations. The NIST standard guides organizations with contractors or subcontractors handling CUI and how to protect the confidentiality and security of this data. The requirements laid out in this framework apply to all components of nonfederal systems and organizations when processing, storing or transmitting CUI within their control.
The Department of Defense (DoD) considers this a minimum security standard, which should be in place when working with CUI data. The cybersecurity risks that comes from any third party is a growing concern and the DoD is taking this risk seriously. Throughout the NIST 800-171 standard there’s 110 controls spread across 14 control families that both contractors and subcontractors must implement in order to fulfill the necessary requirements.