Tag Archives: controlled unclassified information

NIST Draft Publication Outlines Assessment Procedures for CUI Enhanced Security Requirements

Draft NIST SP

The National Institute of Standards and Technology (NIST) has issued a draft document outlining procedures that federal agencies and nonfederal organizations can use to assess enhanced security requirements for controlled unclassified information (CUI). The draft NIST Special Publication 800-172A seeks to help organizations develop evaluation plans and conduct assessments and includes procedures that can be used in self-assessments, government-sponsored assessments and independent third-party assessments.

Read More »

NIST Publishes SP 800-172 to Advise on Handling Sensitive Information; Ron Ross Quoted

National Institute for

The National Institute for Standards and Technology (NIST) has published its NIST SP 800-172 to provide advice for contractors that handle sensitive information that could be threatened by adversarial nation-states. “Cyberattacks are conducted with silent weapons, and in some situations those weapons are undetectable,” Ron Ross, a computer scientist and a NIST fellow, said. 

Read More »

John Sherman: DoD Extends Commercial Virtual Remote Capability to June 2021

John Sherman

John Sherman, principal deputy chief information officer at the Department of Defense (DoD), said DoD has moved to extend to June 2021 the use of the commercial virtual remote environment to support employees who are teleworking. Sherman said that over a million users are adopting the capability to perform calls, teaming and video conferences.

Read More »

NIST Updates Publication for Controlled Unclassified Information

Ransomware

National Institute of Standards and Technology (NIST) has released an updated draft publication that lists new requirements regarding controlled unclassified information. Draft NIST Special Publication (SP) 800-172 tackles federal CUI security from advanced persistent threats that use physical and cyber means to breach systems and access information with no authorization. 

Read More »

Margie Graves on Civilian Counterpart to DoD’s Cyber Certification Framework

Margie Graves, federal deputy chief information officer, said a civilian counterpart to the Department of Defense’s proposed Cybersecurity Maturity Model Certification would require a different structure to meet civilian agencies’ wide range of missions, Nextgov reported Wednesday.

Read More »

Katie Arrington: Pentagon’s Cyber Certification Model Specifically Designed for Small Businesses

Katie Arrington, special assistant to the assistant secretary of defense for acquisition for cyber, said the Department of Defense’s new cybersecurity certification model seeks to help small businesses comply with cyber controls through a tiered rating system depending on the platforms they are asked to protect, Fifth Domain reported Tuesday.

Read More »

Ron Ross: NIST Awaits OMB Approval of Special Publication 800-53 Revision 5

Ron Ross, a National Institute of Standards and Technology fellow, said NIST is waiting for the Office of Management and Budget’s office of information and regulatory affairs to finish its final review and approve Special Publication 800-53, revision 5 to begin soliciting public comments on six cybersecurity documents, Federal News Network reported Tuesday.

Read More »

DoD Inspector General Audits Contractor Networks, Systems

The Department of Defense's Office of the Inspector General released the results of an audit that sought to confirm contractors' capacity to secure controlled unclassified information on their respective systems and networks.

Read More »

NIST Recommends New Practices for Unclassified Info Security

The National Institute of Standards and Technology has added new information security strategies in an existing recommendation document for nonfederal organizations. NIST said Wednesday that it released a companion draft containing new recommendations for the existing publication entitled Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations.

Read More »