Re: Seeking CUI help, professional services

[Joanna Grama <jgrama () EDUCAUSE EDU>]

Hello,
For those of you working in this area, I will note that NIST just released the final draft of NIST 800-171A, the 
procedures for assessing CUI security requirements. This process document might be useful for institutions that conduct 
their own assessments.

Learn about the updates to the Final Draft SP 800-171A on the NIST CSRC website at:
https://csrc.nist.gov/News/2018/NIST-Releases-Final-Draft-SP-800-171A

Link to the Draft SP 800-171A publication record where links to the document, the comment template and other 
supplemental information is available:  https://csrc.nist.gov/publications/detail/sp/800-171a/draft

Kind regards,
Joanna


Joanna Grama, JD, CISSP, CRISC, CIPT
Director of Cybersecurity and IT GRC Programs

EDUCAUSE
Uncommon Thinking for the Common Good
282 Century Place, Suite 5000, Louisville, CO 80027
direct: 720.406.6769 | jgrama () educause edu<mailto:jgrama () educause edu>

Become a Member- Everyone at your organization is an EDUCAUSE member when you join | Access discounts, resources, and 
valuable peer networks | Discover membership<https://www.educause.edu/about/discover-membership>



From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Ed 
Jalinske
Sent: Tuesday, February 20, 2018 1:00 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Seeking CUI help, professional services

Hi Rob,

The UW-Madison Office of Cybersecurity recently formalized a CUI intake and compliance process for researchers. The 
details can be found on our CUI webpage 
https://it.wisc.edu/about/office-of-the-cio/cybersecurity/controlled-unclassified-information/

I was one of the leads on this project so take a look and feel free to contact me if you have any additional questions.

Thanks,

Ed Jalinske
University of Wisconsin-Madison
Office of Cybersecurity
Cybersecurity Education Lead
Cybersecurity Project Manager
608.262.3837 (Office)
917.945.0748 (Cell)
ed.jalinske () wisc edu<mailto:ed.jalinske () wisc edu>
[Cybersecurity Logo1]


From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Rob 
Caffey
Sent: Tuesday, February 20, 2018 11:44 AM
To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>
Subject: [SECURITY] Seeking CUI help, professional services

All,

Our institution is seeking outside help in speeding up the pace of our compliance under federal regulations regarding 
CUI data and NIST SP800-171. Do any of you have experience with consulting or other professional services in this area 
that you might be able to share?  Maybe an RFI or RFP, SoW, or other documentation? We are looking for help primarily 
on the IT side (architecture and controls) but may need assistance on the business process and policy side as well.

Any insights would be helpful.  Thanks you!


-R



Rob Caffey

Special Assistant to the CIO

Information Technology Services

Kansas State University

2323 Anderson Ave., Suite 116

Manhattan, KS 66502

(785) 532-6520

"Protect personal information. The identity saved could be your own."