GDPR and NIST Cybersecurity Compliance

By now, most companies know about GDPR and its directives on handling personal data — from email addresses to personnel data. But the connections between NIST cyber security compliance and GRPR compliance is far less obvious.

Identifying and Safeguarding CUI

If you’ve heard of NIST SP 800-171, or operate within the Department of Defense ecosystem, you’re probably familiar with the term CUI, or Controlled Unclassified Information. Often used interchangeably with Covered Defense Information (CDI), CUI is, technically, “information that requires safeguarding or dissemination controls pursuant to and consistent with applicable law, regulations, and government-wide policies but is not classified.”

NIST 800-171 Risk Assessments: Straight Talk

What is a risk assessment, in the context of NIST cybersecurity compliance? What does it entail? When should we conduct the risk assessment? Who can do it for us, or can we do it ourselves?

NIST Compliance: Not Just for Primes

On June 21, 2018, The Department of Defense delivered joint testimony on “Military Technology Transfer: Threats, Impacts, and Solutions for the Department of Defense” before the House of Armed Services.

NIST Data Security: Choosing a Firewall, Part 1

Deciding on which firewall to choose can be overwhelming. Because of this, companies tend to put off implementing a firewall. Here are a few tips to simplify the decision making process.