The National Institute of Standards and Technology (NIST), under the U.S. Department of Commerce, has recently unveiled refreshed directives for Federal agencies regarding the safeguarding of their controlled unclassified information (CUI) stored on private-sector platforms.

“The protection of Controlled Unclassified Information (CUI) is of paramount importance to federal agencies and can directly impact the ability of the Federal Government to successfully conduct its essential missions and functions,” NIST said.

These updated guidelines, building upon NIST’s 2020 framework, introduce a set of benchmarks to enhance the protective measures Federal agencies ought to pursue.

It encompasses various domains, such as Access Control, Awareness and Training, Audit and Accountability, Assessment, Authorization, and Monitoring, Configuration Management, and Identification and Authentication, providing a comprehensive approach to safeguarding controlled unclassified information.