Official UC blog

February 2024 Newsletter

Written by Matt H. | Feb 8, 2024 7:42:26 PM
Unified Compliance Newsletter
February 2024

 

Newsletter Highlights

  • The TLDRs of CUI, DIB/NSIB, CMMC, OSCAL, and STIGs
  • A legal framework for the dynamic world of Federated Linked Data
  • Do Common Controls Change?
  • Newsletter: Read Past Editions
  • Upcoming Documents
  • Authority Documents
  • Suggestions/Comments: Email Us

The TLDRs of CUI, DIB/NSIB, CMMC, OSCAL, and STIGs

We’ve written several articles about the updated Cybersecurity Maturity Model Certification (CMMC) process for the Defense Industrial Base (DIB) and the National Security Industrial Base (NSIB) and why that’s important for Confidential Unclassified Information (CUI) protection.

Check out some of their summaries.

A legal framework for the dynamic world of Federated Linked Data

The Federated Data License (FDL) is a legal framework tailored for the dynamic and collaborative world of Federated Linked Data (FLD), specifically catering to the nuances of Generative AI Platforms.

Find out why it's needed.

 

Do Common Controls Change?

Adjusting the Common Controls is necessary from time to time.

Find out when and why this is needed.

 

Newsletters: Read Past Editions

Want to read the news released about Unified Compliance? All released newsletters are posted the same day they are emailed. Check out past-UCF news. Read our Newsletters.

Upcoming Documents

The UCF team has plans to map the following Documents:

  • SOC 2
  • GAO Yellow Book
  • OWASP Application Security Verification Standard 4.0.3
  • 16 CFR Part 318, Health Breach Notification Rule
  • SWISS-U.S. DATA PRIVACY FRAMEWORK
  • ISO/IEC 27005:2022
  • Blueprint for an AI Bill of Rights
  • ISO/IEC TS 27110:2021
  • UK EXTENSION TO THE EU-U.S. DATA PRIVACY FRAMEWORK
  • EU-U.S. DATA PRIVACY FRAMEWORK
  • COMMISSION IMPLEMENTING DECISION of 10.7.2023 pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council on the adequate level of protection of personal data under the EU-US Data Privacy Framework

Authority Documents

What's new and popular in the CCH?

See the list below for Authority Documents published since our last newsletter.

Configuration Management

  • Framework for Improving Critical Infrastructure Cybersecurity, v1.1 [AD 3709]

Cybersecurity, IT Security

  • Framework for Improving Critical Infrastructure Cybersecurity, v1.1 [AD 3709]
  • 48 CFR Part 52.204-21, Basic Safeguarding of Covered Contractor Information Systems [AD 3713]
  • DIRECTIVE (EU) 2022/2555 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 14 December 2022 on measures for a high common level of cybersecurity across the Union, amending Regulation (EU) No 910/2014 and Directive (EU) 2018/1972, and repealing Directive (EU) 2016/1148 (NIS 2 Directive) [AD 3714]

Health IT, Healthcare and Life Science

  • 45 CFR Part 170 Health Information Technology Standards, Implementation Specifications, and Certification Criteria and Certification Programs for Health Information Technology, current as of January 2024 [AD 3719]

Human Resources

  • Framework for Improving Critical Infrastructure Cybersecurity, v1.1 [AD 3709]

Monitoring and Reporting

  • Framework for Improving Critical Infrastructure Cybersecurity, v1.1 [AD 3709]
  • DIRECTIVE (EU) 2022/2555 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 14 December 2022 on measures for a high common level of cybersecurity across the Union, amending Regulation (EU) No 910/2014 and Directive (EU) 2018/1972, and repealing Directive (EU) 2016/1148 (NIS 2 Directive) [AD 3714]

Operational and Systems Continuity, Operational Management

  • Framework for Improving Critical Infrastructure Cybersecurity, v1.1 [AD 3709]

Physical Security

  • Framework for Improving Critical Infrastructure Cybersecurity, v1.1 [AD 3709]
  • 45 CFR Part 170 Health Information Technology Standards, Implementation Specifications, and Certification Criteria and Certification Programs for Health Information Technology, current as of January 2024 [AD 3719]

Privacy

  • 48 CFR Part 52.204-21, Basic Safeguarding of Covered Contractor Information Systems [AD 3713]
  • DIRECTIVE (EU) 2022/2555 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 14 December 2022 on measures for a high common level of cybersecurity across the Union, amending Regulation (EU) No 910/2014 and Directive (EU) 2018/1972, and repealing Directive (EU) 2016/1148 (NIS 2 Directive) [AD 3714]

Records Management, Risk Management

  • Framework for Improving Critical Infrastructure Cybersecurity, v1.1 [AD 3709]

Third Party and Supply Chain Management

  • Framework for Improving Critical Infrastructure Cybersecurity, v1.1 [AD 3709]
  • 48 CFR Part 52.204-21, Basic Safeguarding of Covered Contractor Information Systems [AD 3713]

Which Authority Documents are most important to you?

Submit a request.

What are the most accessed ADs monthly?

 

Here's this month's list of the 50 most selected Authority Documents, including how many groups and initiatives each Authority Document has been assigned!

Thanks for Reading our newsletter. If you have any suggestions or comments, please email us.

Best Wishes,

Dorothy Hunt

Manager, Customer Success
707.694.3077
dhunt@unifiedcompliance.com

Unified Compilance, 10161 Park Run Dr. Suite 150, Las Vegas, NV 89145 USA

Unsubscribe Manage Preferences

Copyright © 2021 UnifiedCompliance.com All Rights Reserved.