What is CUI?
- Government created or owned UNCLASSIFIED information that must be safeguarded from unauthorized disclosure.
- An overarching term representing many difference categories, each authorized by one or more law, regulation, or Government-wide policy.
- Information requiring specific security measures indexed under one system across the Federal Government.
Why is CUI important?
- The establishment of CUI was a watershed moment in the DoD’s information security program, formally acknowledging that certain types of UNCLASSIFIED information are extremely sensitive, valuable to the United States, sought after by strategic competitors and adversaries, and often have legal safeguarding requirements.
- Unlike with classified national security information, DoD personnel at all levels of responsibility and across all mission areas receive, handle, create, and disseminate CUI.
- CUI policy provides a uniform marking system across the Federal Government that replaces a variety of agency-specific markings, such as FOUO, LES, SBU, etc.
Where did CUI come from?
- Executive Order 13556 established CUI on November 4, 2010.
- Part 2002 of 32 Code of Federal Regulations prescribed Government-wide implementation standards on September 14, 2016.
- DoD Instruction 5200.48, “Controlled Unclassified Information,” established DoD CUI policy on March 6, 2020.
Do you handle CUI?
- Then you must currently comply with NIST 800-171 or you may be in breach of contact.
- Are you prepared? We can help!!