Controlled Unclassified Information: A Basic Introduction to CUI

Blue digital padlock

We’ve written extensively about CMMC and NIST Special Publication 800-171, which cover the handling and protection of Controlled Unclassified Information (CUI). But what is CUI? How is it created, and why is it so important to protect?

Here, we’re digging into CUI and why it’s integral to significant cybersecurity frameworks in the federal marketplace. 


Read More

Leveraging Managed Security Service Providers for NIST 800-171 and CMMC Compliance in the Defense Supply Chain

glowing lock on binary code

The complex relationships between government agencies, third-party vendors, and managed service providers form a challenging web of connections that comprise the DoD digital supply chain. Both NIST 800-171 and CMMC address these at various points, expecting providers to adhere to complex security requirements. These requirements can become so complex that they may turn to Managed Service Providers (especially those in the security space) to help them maintain compliance. 

This article will cover how an MSSP can help you streamline compliance across frameworks like NIST 800-171 and CMMC. 


Read More

CMMC 2.0 Updates: More Contractors Expected to Require Full CMMC Certification

CMMC featured

With the Department of Defense unveiling CMMC version 2.0 last November, many contractors breathed a sigh of relief. The relaxed assessment requirements and streamlined structure signaled a willingness from the DoD to work with assessors and contractors to find a way to promote security over Controlled Unclassified Information (CUI) without making the process harder than it needed to be. 

Read More