CMMC leaders push for using NIST CUI standard across federal government

By Sara Friedman / March 8, 2023 at 10:18 AM
The Defense Department's Cybersecurity Maturity Model Certification leader Stacy Bostjanick and accreditation body CEO Matthew Travis are pushing for the entire federal government to adopt National Institute of Standards and Technology Special Publication 800-171, the Pentagon's foundational standard for handling sensitive federal data for its CMMC program, to ensure consistency between defense and civilian requirements. NIST 800-171 is focused on controlled unclassified information and has 110 controls that align with level two of the Pentagon’s CMMC program. A rulemaking to...

Not a subscriber? Sign up for 30 days free access to exclusive, behind-the-scenes reporting on defense policy and procurement.

Log in to access this content.