NIST Releases Guidance for Securing Unclassified Data in Nonfederal Systems

The National Institute of Standards and Technology has issued its guidance on ensuring the security of government information housed in systems not owned and operated by federal entities.

The guidance, titled “Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations”, includes security recommendations for agencies seeking to ensure the confidentiality of CUI in systems that don’t operate under government oversight.

NIST noted that the guidance may be used to inform the development of requirements in contract vehicles and other agreements with commercial entities. Technologies covered by the guidance include components of nonfederal platforms that process CUI or provide protection for such data. 

According to the agency, protection of CUI is “of paramount importance to federal agencies and can directly impact the ability of the federal government to successfully conduct its essential missions and functions.”

You may also be interested in...

Federal Cybersecurity

Senate Committee Releases Federal Cybersecurity Report

The Senate Homeland Security and Governmental Affairs Committee has issued a 47-page report outlining a list of recommendations to improve the cybersecurity posture of federal agencies. The Senate panel’s Federal Cybersecurity report recommends that the Office of Management and Budget (OMB) direct agencies to adopt a risk-based budgeting framework for information technology investments.