The Relationship Between CMMC and NIST SP 800_171 White Paper

March 12, 2021 Redspin, Inc.

NIST SP 800-171 (Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations) is a federal government standard the provides minimum requirements for non-federal agencies (i.e., Department of Defense contractors) to adequately protect Controlled Unclassified Information (CUI) and Federal Contract Information (FCI).

In the past, self-attestation was the only requirement. As the threat landscape became more aggressive, an advanced cybersecurity maturity model, called the Cybersecurity Maturity Model Certification (CMMC) framework, was developed to improve the cybersecurity posture of the Defense Industrial Base (DIB) to adequately protect CUI/FCI.

About the Author

Redspin is a leading provider of risk assessments using various frameworks including NIST CSF, CMMC-AB, ISO 27001, PCI DSS, and healthcare cybersecurity consulting. We’ve helped many Fortune 500 and leading growth companies in highly regulated industries including government, financial, technology, and manufacturing improve their cyber readiness and resiliency through a strategic and proven approach to reduce cyber risks and safeguard sensitive information.
Follow on Twitter Follow on Linkedin Visit Website More Content by Redspin, Inc.

The Relationship Between CMMC and NIST SP 800_171 White Paper

About the Author

Previous Flipbook

Next Flipbook

About Redspin

Contact Information

Talk To Us

The Relationship Between CMMC and NIST SP 800_171 White Paper

About the Author

Previous Flipbook

Next Flipbook

Other content in this Stream

Redspin's offensive security services test an organization's environment and people to validate the effectiveness against cyber attacks.

Scoping determines the boundaries where Controlled Unclassified Information (CUI) and Federal Contract Information (FCI) is stored, processed, and exchanged within the Department of Defense (DoD).

This week, special guest Helve Longoria, the CISO at Florida International University (FIU) joins Tony and Rob on the discussion of FIU needing a CMMC assessment.

In this infographic, we depict Microsoft Exchange Server Breach response procedures if exploitation activity is discovered.

CynergisTek’s Director of Security Services, Dave Bailey sits down with Capability Maturity Model Certification (CMMC) Certified Provisional Assessor Tony Buenger, and CMMC Registered Practitioner Rob

In this episode, we feature Tony Buenger to discuss his journey career and discuss what cybersecurity, compliance, and privacy mean to him.

CynergisTek’s Director of Security Services, Dave Bailey sits down with Capability Maturity Model Certification (CMMC) Certified Provisional Assessor Tony Buenger, and CMMC Registered Practitioner Rob

APIs have the potential to expose and often become subject to malicious attacks causing API vulnerabilities to often be the source behind major data breaches. Attend this webinar to learn how to secu

CynergisTek’s Director of Security Services, Dave Bailey sits down with Capability Maturity Model Certification (CMMC) Certified Provisional Assessor Tony Buenger, and CMMC Registered Practitioner Rob

API Sentry brings the visibility needed to understand risks associated with APIs and combines Redspin’s security and analytics expertise with sophisticated API security testing technology.

CynergisTek’s Director of Security Services, Dave Bailey sits down with Capability Maturity Model Certification (CMMC) Certified Provisional Assessor Tony Buenger, and CMMC Registered Practitioner Rob

CMMC Provisional Assessor Tony Buenger outlines what is included with CMMC consulting and what a consulting client would walk away with.

The Department of Defense (DoD) has delayed the long-awaited scoping guidance that defines in detail the scope requirements for CMMC assessments for CMMC Maturity Levels 1 and 3.

Redspin experts walk through the different levels of the CMMC certification and touch on how organizations can prepare.

Dave Bailey sits down with CMMC Provisional Assessor Tony Buenger and Registered Practitioner Robert Teague of Redspin to discuss CMMC and C3PAO for the DoD.

Redspin experts discuss Redspin’s unique position as one of the first 20 organizations accredited as a C3PAO for the DoD, and talk all things CMMC.

Learn how aligning with Redspin cybersecurity experts, you can achieve the level of cyber hygiene you needed for the CMMC certification.

Redspin is honored to be one of the first public companies chosen to help ensure controlled unclassified information (CUI) flowing down from the DoD to the DIB contractors and subcontractors.

We are breaking down the DoD's Cybersecurity Maturity Model Certification (CMMC) to prepare you so you can grow your business. The post The CMMC Playing Field first appeared on Redspin.

About Redspin

Contact Information

Talk To Us