CMMC leaders push for using NIST controlled unclassified information standard across federal government

The Defense Department’s CMMC leader Stacy Bostjanick and accreditation body CEO Matthew Travis are pushing for the entire federal government to adopt NIST Special Publication 800-171, the Pentagon’s foundational standard for handling sensitive federal data for its cyber certification program, to ensure consistency between defense and civilian requirements.

NIST 800-171 is focused on controlled unclassified information and has 110 controls that align with level two of the Pentagon’s Cybersecurity Maturity Model Certification program.

A rulemaking to change the Federal...