No, we’re not talking about the FTC Safeguards Rule here. It’s much more than that.
Have you noticed how a framework from the National Institute of Standards and Technology, NIST Special Publication 800-171, has been cropping up in Dept. of Ed communications for years now? That’s because NIST SP 800-171 spells out security requirements for non-federal organizations (like post-secondary schools) that handle CUI (Controlled Unclassified Information).
We recommend checking out this important blog post, Preparing for the New Cybersecurity Rule from CECU’s Senior Vice President and General Counsel, Jed Brinton, for more insights.