Protecting Controlled Unclassified InformationCUI in Nonfederal Information Systems and Organization

Presenter: Chris Seiders, Security Analyst, University of Pittsburgh, Computing Services and Systems Development https://isc2pghchapter.org/ Description: NIST Special Publication 800-171 “Protecting Controlled Unclassified Information(CUI) in Nonfederal Information Systems and Organizations" What it is and how you may be impacted . Presentation Details: NIST 800-171 was created to provide guidance on ensuring that all systems that process, store, or transmit CUI information are secured and hardened. Some federal agencies, including the Department of Defense, has mandated that any contractor or subcontractor that handles CUI on behalf of the government secure their systems to 800-171 standards by December 31, 2017 or provide a compliance plan prior to that date. If you work with federal information this discussion may be of interest to you. The standard may also be of interest to those interested in a security framework not as complicated as FISMA and 800-53. Presenter Bio: Chris Seiders is a security analyst with the University of Pittsburgh’s Computing Services and Systems Development department. He has been with the University for 4 years focusing on security policy, risk management, and compliance. Chris is an ancillary reviewer on the PITT Institutional review board (IRB) performing data security reviews of IRB protocol submissions. He works with the Ebusiness Resource Group to ensure University merchants are in compliance with PCI requirements. He has led efforts to implement the NIST cyber security framework and FISMA models within the university.