Achieve NIST 800-171 Compliance
What is NIST 800-171?
The National Institute of Standards and Technology Special Publication (NIST SP 800-171) is a set of guidelines on how to handle and safeguard Controlled Unclassified Information (CUI) that non-federal organizations handle on their networks. Information owned or created by the government which is sensitive but not classified is labeled as CUI.
What is Required To Comply With NIST 800-171?
NIST 800-171 has 110 controls (14 control families) that impose requirements at the environmental, system, access, user, and logging/auditing levels. They also set out the requirements for cybersecurity procedures and incident response plans. The application of each requirement ensures an organization’s systems, network, and employees are properly prepared to safely handle CUI.
The 14 requirement families of NIST 800-171 are:
Who Needs To Comply With NIST 800-171?
Any organization that processes or stores sensitive, unclassified information on behalf of the US government is required to be compliant with NIST SP 800-171 cybersecurity standards. By defining the cybersecurity requirements for contractors who handle sensitive government information, NIST 800-171 strengthens the security of the federal supply chain. Any business interested in enhancing their cybersecurity posture may also seek to achieve NIST 800-171 as it advances your ability to detect, investigate and respond to threats to mitigate vulnerabilities and move towards more secure operations for computer systems.
Three simple steps to achieve compliance: