Radical Changes in Protecting Federal Information for All U.S. Contractors

NIST Special Publication 800-171 provides federal agencies with
recommended requirements for protecting the confidentiality of CUI: (i)
when the CUI is resident in nonfederal information systems and
organizations; (ii) when the information systems where the CUI resides
are not used or operated by contractors of federal agencies or other
organizations on behalf of those agencies; and (iii) where there are no
specific safeguarding requirements for protecting the confidentiality of
CUI prescribed by the authorizing law, regulation, or governmentwide
policy for the CUI category or subcategory listed in the CUI Registry.
The requirements apply to all components of nonfederal information
systems and organizations that process, store, or transmit CUI, or
provide security protection for such components. This session will
address the NIST SP 800-171 Publication.