Industry groups representing the defense industrial base are highlighting inconsistencies across the federal government over regulations addressing the handling of controlled unclassified information and potential impacts from the Pentagon's Cybersecurity Maturity Model Certification program, in filings to the Office of the National Cyber Director. National Institute of Standards and Technologies Special Publication 800-171 establishes requirements for contractors handling CUI on nonfederal systems. While the NIST guidance is the foundation of the CMMC program, the Department of Homeland Security has a...
