February 2024 Newsletter

View in browser

Unified Compliance Newsletter

February 2024

Newsletter Highlights

The TLDRs of CUI, DIB/NSIB, CMMC, OSCAL, and STIGs
A legal framework for the dynamic world of Federated Linked Data
Do Common Controls Change?
Newsletter: Read Past Editions
Upcoming Documents
Authority Documents
Suggestions/Comments: Email Us

Businesswoman holding tablet pc entering password. Security concept

The TLDRs of CUI, DIB/NSIB, CMMC, OSCAL, and STIGs

We’ve written several articles about the updated Cybersecurity Maturity Model Certification (CMMC) process for the Defense Industrial Base (DIB) and the National Security Industrial Base (NSIB) and why that’s important for Confidential Unclassified Information (CUI) protection.

Check out some of their summaries.

Licenses Concept. Word on Folder Register of Card Index. Selective Focus.-1

A legal framework for the dynamic world of Federated Linked Data

The Federated Data License (FDL) is a legal framework tailored for the dynamic and collaborative world of Federated Linked Data (FLD), specifically catering to the nuances of Generative AI Platforms.

Find out why it's needed.

Do Common Controls Change?

Adjusting the Common Controls is necessary from time to time.

Find out when and why this is needed.

Newsletters: Read Past Editions

Want to read the news released about Unified Compliance? All released newsletters are posted the same day they are emailed. Check out past-UCF news. Read our Newsletters.

Upcoming Documents

The UCF team has plans to map the following Documents:

SOC 2
GAO Yellow Book
OWASP Application Security Verification Standard 4.0.3
16 CFR Part 318, Health Breach Notification Rule
SWISS-U.S. DATA PRIVACY FRAMEWORK
ISO/IEC 27005:2022
Blueprint for an AI Bill of Rights
ISO/IEC TS 27110:2021
UK EXTENSION TO THE EU-U.S. DATA PRIVACY FRAMEWORK
EU-U.S. DATA PRIVACY FRAMEWORK
COMMISSION IMPLEMENTING DECISION of 10.7.2023 pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council on the adequate level of protection of personal data under the EU-US Data Privacy Framework

Authority Documents

What's new and popular in the CCH?

See the list below for Authority Documents published since our last newsletter.

Configuration Management

Framework for Improving Critical Infrastructure Cybersecurity, v1.1 [AD 3709]

Cybersecurity, IT Security

Framework for Improving Critical Infrastructure Cybersecurity, v1.1 [AD 3709]
48 CFR Part 52.204-21, Basic Safeguarding of Covered Contractor Information Systems [AD 3713]
DIRECTIVE (EU) 2022/2555 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 14 December 2022 on measures for a high common level of cybersecurity across the Union, amending Regulation (EU) No 910/2014 and Directive (EU) 2018/1972, and repealing Directive (EU) 2016/1148 (NIS 2 Directive) [AD 3714]

Health IT, Healthcare and Life Science

45 CFR Part 170 Health Information Technology Standards, Implementation Specifications, and Certification Criteria and Certification Programs for Health Information Technology, current as of January 2024 [AD 3719]

Human Resources

Framework for Improving Critical Infrastructure Cybersecurity, v1.1 [AD 3709]

Monitoring and Reporting

Framework for Improving Critical Infrastructure Cybersecurity, v1.1 [AD 3709]
DIRECTIVE (EU) 2022/2555 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 14 December 2022 on measures for a high common level of cybersecurity across the Union, amending Regulation (EU) No 910/2014 and Directive (EU) 2018/1972, and repealing Directive (EU) 2016/1148 (NIS 2 Directive) [AD 3714]

Operational and Systems Continuity, Operational Management

Framework for Improving Critical Infrastructure Cybersecurity, v1.1 [AD 3709]

Physical Security

Framework for Improving Critical Infrastructure Cybersecurity, v1.1 [AD 3709]
45 CFR Part 170 Health Information Technology Standards, Implementation Specifications, and Certification Criteria and Certification Programs for Health Information Technology, current as of January 2024 [AD 3719]

Privacy

48 CFR Part 52.204-21, Basic Safeguarding of Covered Contractor Information Systems [AD 3713]
DIRECTIVE (EU) 2022/2555 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 14 December 2022 on measures for a high common level of cybersecurity across the Union, amending Regulation (EU) No 910/2014 and Directive (EU) 2018/1972, and repealing Directive (EU) 2016/1148 (NIS 2 Directive) [AD 3714]

Records Management, Risk Management

Framework for Improving Critical Infrastructure Cybersecurity, v1.1 [AD 3709]

Third Party and Supply Chain Management

Framework for Improving Critical Infrastructure Cybersecurity, v1.1 [AD 3709]
48 CFR Part 52.204-21, Basic Safeguarding of Covered Contractor Information Systems [AD 3713]

Which Authority Documents are most important to you?

Submit a request.

What are the most accessed ADs monthly?

Here's this month's list of the 50 most selected Authority Documents, including how many groups and initiatives each Authority Document has been assigned!

Thanks for Reading our newsletter. If you have any suggestions or comments, please email us.

Best Wishes,

Dorothy Hunt

Manager, Customer Success
707.694.3077
dhunt@unifiedcompliance.com

www.UnifiedCompliance.com

CommonControlsHub.com

www.UCFMapper.com

February 2024 Newsletter

Newsletter Highlights

The TLDRs of CUI, DIB/NSIB, CMMC, OSCAL, and STIGs

Upcoming Documents

Products

Partners

Resources

About