NIST 800-171 is one of the newest regulations for protecting controlled unclassified information (CUI) in nonfederal systems, Department of Defense (DOD) contractors and many subcontractors are required to be compliant with this regulation. DOD is wanting to ensure certain cyber security controls are in place for its workforce partners.
These following areas are regulated by NIST 800-171:
- Access Control; Audit and Accountability
- Awareness and Training
- Configuration Management
- Identification and Authentication
- Maintenance
- Media Protection
- Personnel Security
- Physical and Environmental Protection
- System and Communications Protection
- System and Information Integrity