• Home
  • News
    • Features
    • Latest/Upcoming Tech
    • Product Review
    • Tech Events
  • Technology
    • Computing
      • Hardware
      • Software
    • Mobile
      • Devices
    • Apps
      • Messaging App
  • Innovation
    • Startups
    • Smart Gadgets
    • Augmented Reality
    • Cloud Computing
  • Business
    • Internet Commerce
    • Tech Market
  • Tips & Tricks
  • Miscellaneous
    • Jobs / Career
    • Social Media
TheTechNews
  • Home
  • News
    • Features
    • Latest/Upcoming Tech
    • Product Review
    • Tech Events
  • Technology
    • Computing
      • Hardware
      • Software
    • Mobile
      • Devices
    • Apps
      • Messaging App
  • Innovation
    • Startups
    • Smart Gadgets
    • Augmented Reality
    • Cloud Computing
  • Business
    • Internet Commerce
    • Tech Market
  • Tips & Tricks
  • Miscellaneous
    • Jobs / Career
    • Social Media
Security

What Is Controlled Unclassified Information (CUI)?

by Emily Forbes
-- September 22, 2021
What Is Controlled Unclassified Information (CUI)?

 

The federal government has a plethora of information and data stored throughout its servers. Much of this data is used by companies who contract with the government in the design and building of many different projects. The most commonly known type is classified information. But there is another category that is also protected by law. This is Controlled Unclassified Information (CUI). Though not classified, companies must still handle it according to regulations set by federal agencies. But what constitutes CUI and distinguishes it from other information? Here is some background.

How Information Is Classified as CUI

The National Archives and Registration Administration (NARA) was charged with the responsibility to designate data as CUI as per an executive order signed by President George W. Bush in 2009. NARA also sets the rules and standards for disseminating, marketing, controlling and disposing of such information as well as the parameters of CUI compliance for federal contractors. NARA provides oversight for all aspects of handling CUI.

CUI Compliance

closeup photo of turned-on blue and white laptop computer

Companies that use CUI in their business must demonstrate compliance. However, unlike most federal standards, CUI compliance does not require a third-party audit. Companies that wish to declare compliance must produce a written system security plan in which is detailed how security requirements are being met. Included in the plan is how the company will deal with known threats should they occur as well as anticipate future threats. Any current shortcomings must also be described and there must be a plan to fill those gaps in the future. CUI standards change frequently as cyberthreats become more sophisticated.

Scoring and the Supplier Performance Risk System (SPRS)

selective focus photography of lens

The Department of Defense has a scoring methodology for contractors’ use that assesses how well the system security plan is set to deal with the requirements of handling CUI. The score produced by following this methodology must be submitted to the government for continued work on a Defense contract.

Contractor information is stored in a federal database called the Supplier Performance Risk System (SPRS). Using this database, government officers can determine whether your company has submitted a score within the last three years before awarding a contract.

Examples of CUI

Star Wars Stormtropper figurine on table

There are many kinds of information that constitute CUI and the list is always in flux. For that reason, it can be difficult to identify every type of information that might fall into the category. However here are some examples of CUI:

  • Engineering and research data used in the development of projects for the federal government.
  • Computer software and any code used in government applications.
  • Blueprints and engineering drawings for any government use.
  • Technical manuals and reports pertaining to government projects.
  • Government project specifications or standards.
  • Research, studies, analysis and any data sets connected to government projects.
  • Lists and catalog designations associated with government projects.

CUI Is Changing

two women facing security camera above mounted on structure

The definitions and handling of CUI change over time to handle the latest cyberattacks and threats. For example, in May of 2018, the management of CUI was turned over to the Defense Counterintelligence Security Agency (DCSA). The purpose of this move was to facilitate CUI assessment standards, prioritizing of them, managing the standards as well as creating a database accessible across all departments. One of the more recent changes is the Cybersecurity Maturity Model Certification (CMMC). This ensures that companies follow the latest regulations through third-party audits in order to receive certification.

Government data, whether classified or not, must be protected. Cyberattacks occur all too frequently and a data breach can have disastrous results. It is important for any government contractor to comply with the latest CUI regulations before being awarded a contract.

Author | Emily Forbes 

An Entrepreneur, Mother & A passionate tech writer in the technology industry!

Email:-   EmilyForbes69@gmail.com

ringid
Related ItemsControlled Unclassified Information (CUI)CUI complianceCybersecurity Maturity Model Certification (CMMC)cyberthreatsFeaturedlatest cyberattackslatest cyberattacks and threats
Click to add a comment

Leave a Reply

Cancel reply

Your email address will not be published. Required fields are marked *

Security
September 22, 2021
Emily Forbes @forbesemily@yandex.com

An Entrepreneur, Mother & A passionate tech writer in the technology industry! Contact Email:- forbesemily@yandex.com

Related ItemsControlled Unclassified Information (CUI)CUI complianceCybersecurity Maturity Model Certification (CMMC)cyberthreatsFeaturedlatest cyberattackslatest cyberattacks and threats

More in Security

Why You Should Rely on Breach and Attack Simulation!

Emily ForbesJune 7, 2022
Read More

Could Your IT Team Benefit from Security Automation Solutions?

Emily ForbesApril 18, 2022
Read More
cyber security-of-RDP-by-microsoft

Reklaim Launches New SaaS-Based Privacy Subscription to Compliment Growing Compensation Mode

Emily ForbesMarch 17, 2022
Read More

The Biggest CyberSecurity Threats to be Aware of in 2022!

Emily ForbesJanuary 4, 2022
Read More

Tanium™ Launches New Risk Analysis Capability!

Emily ForbesOctober 3, 2021
Read More
How-to-Pick-a-Secure-VPN

How to Pick a Secure VPN!

Emily ForbesSeptember 19, 2021
Read More

Understanding And Fighting The Ransomware Threat!

Emily ForbesAugust 27, 2021
Read More

How Will Identity Theft  Evolve in the Upcoming Years?

Emily ForbesAugust 24, 2021
Read More

The Importance of Ongoing Cyber Security Training and Education!

Emily ForbesMay 19, 2021
Read More
Scroll for more
Tap

Top News

  • forex-trading
    10 FX Trading Strategies For Singaporean Newbies!
    BusinessJune 7, 2022
  • Why You Should Rely on Breach and Attack Simulation!
    SecurityJune 7, 2022
  • Benefits of Video Games: 6 Life Skills You Can Learn While Playing!
    GamingMay 17, 2022
  • Some Advice on Credits, Their Types, and How Refinansiering Works
    BusinessMay 11, 2022
  • Starting Your Own Online Store: Tips for Beginners!
    BusinessApril 19, 2022
  • Could Your IT Team Benefit from Security Automation Solutions?
    SecurityApril 18, 2022
  • How is AI Shaping the Deskless Workforce Industry!
    Cloud ComputingApril 13, 2022
TheTechNews

A technology media that aims at the latest tech news, events, gadgets, tools, innovations, startups and many more.

    NEWS

  • Features
  • Latest/Upcoming Tech
  • Product Review
  • Tech Events
  • Technology
  • Innovation
  • Business

    Hardware & Software

  • Computing
  • Hardware
  • Software
  • Mobile
  • Devices
  • Messaging App
  • Tips & Tricks

    Others

  • Startups
  • Cloud Computing
  • Social Media
  • Internet Commerce

Copyright © 2016 www.thetechnews.com | Pages: ABOUT US | PRIVACY POLICY | TERMS OF USE | CONTACT US

How to Pick a Secure VPN!
Tanium™ Launches New Risk Analysis Capability!