The Problem The Controlled Unclassified Information (CUI) program standardizes the way all U.S. government agencies and military entities handle unclassified information that requires safeguarding. It clarifies and limits what kinds of information to protect, defines what is meant by “safeguard,” reinforces existing legislation and regulations, and promotes authorized information-sharing. These...

The Problem Over the last several years many compliance regulations have sprung up globally. Organizations doing business in regions covered by these mandates have been forced to change their business practices in order to remain compliant. These regulations require organizations to have visibility into what data they possess, and where it is located. This remains a challenge for many...

The CCPA bill, passed in 2018, encourages businesses and related entities to be transparent and requires these organizations to report breaches of personal data. The CCPA is more than just a regulation, as it represents a core change in the approach organizations must take to ensure their data remains secure and requires the creation of a data protection strategy for their data. Organizations...

Protect Data and Meet Compliance Requirements Financial institutions face immense pressure to protect the data they create and collect. These organizations must be ever vigilant to the possibility of a data breach caused either by malicious actors or through employee mistakes. In either case, a data breach carries with it severe consequences, from heavy fines to the loss of consumer trust and...

Meet Compliance Requirements to Protect Personal Information in South Africa The mandate of South Africa’s Protection of Personal Information Act (POPIA) is to regulate the processing of personal information. With this Act, data breaches need to be reported by law. Organizations need to develop a clear data protection plan to build trust with customers, drive business growth, and avoid costly...

Challenge: STANAGs 4774, 4778 And NATO today Intelligence and military communities have historically worked in isolated silos. In recent years, these organizations have begun to embrace the need for sharing critical information with allies in an effort to receive similar critical information and intel in return. Because the North Atlantic Treaty Organisation (NATO) includes 29 member countries...

The aerospace and defense organizations operate on a global scale and handle data that needs to be protected from competitors as well as foreign military and government organizations. Competitive secrets, disparate customer requirements, and government regulations surrounding the sharing of sensitive information are critical considerations in the aerospace and defense marketplace. The U.S...

Meet Compliance Requirements To Protect Controlled Unclassified Information Originally imposed in 2017, NIST Special Publication (SP) 800-171, Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations, requires all current U.S. Department of Defense contractors to be be compliant with DFARS Part 252.204-7012. Other executive branch agencies may also require...

Since the launch of GDPR in 2018 , organizations have been forced to change their business practices in order to remain compliant. GDPR compliance requires organizations to have visibility into what data they possess, and where it is located. This remains a challenge for many organizations who don’t yet have solutions in place to understand where their data lives and what it contains. Ultimately...

Swift action to commands based on operational understanding are hallmarks of a high-performing and responsive military. And the exchange of classified and even unclassified data – often in electronic form – are the lifeblood for any military organization to thrive and achieve mission success. The key is keeping sensitive data out of the hands of the wrong people. “With the military, there is a...

The Australian Government Email Protective Marking Standard (EPMS) is a set of requirements that organizations must follow in order to protect sensitive and classified information that is sent or received by email. The Australian EPMS has been updated several times since its origin in 2005. Read our solution brief to learn about the changes to Email Protective Marking System (EPMS) v2018.6 and...

How does Fortra’s Data Classification Suite help with CUI? Fortra’s Data Classification Suite was designed to help U.S. Federal agencies comply with the National Archives and Records Administration’s (NARA) Controlled Unclassified Information (CUI) program. With DCS, you can ensure emails and documents are properly marked and identified, and sensitive CUI data is protected. Our solution is easy to...

The Problem Government agencies collect, use, and store personally identifiable information (PII) about citizens, employees, patients and other individuals every day. Much of this sensitive information is held in unstructured formats such as documents, emails and various other file types, but the exact location and storage of the data is difficult to track. This poses a significant risk for...

Introduction After years of deliberation, the U.S. government’s National Archives and Records Administration (NARA) has released more details of its regulation for the protection framework of Controlled Unclassified Information (CUI) . The rule is designed to safeguard government data that has not been assigned as confidential or secret, but which should not necessarily be made public, as it is...

Fortra’s Data Classification Suite (DCS) helps organizations across the finance and insurance sectors meet the information security regulations mandated by the Australian Prudential Regulation Authority (APRA) Prudential Standard CPS 234. Noncompliance with APRA can result in substantial fines as well as legal risks and damage to your organization’s reputation. A data breach resulting from...

Protect personal data and avoid financial penalties and reputational damage in the face of constantly evolving privacy legislation. Privacy laws are front and center for most countries in 2022, and Australia is no exception. The Australian Privacy Act addresses the management and handling of personal data. It applies to any organization that holds data on Australian citizens, irrespective of where...

Protect Sensitive Data on EU Citizens The EU General Data Protection Regulation (GDPR) came into force on 25th May 2018, yet many organizations are still not fully prepared and compliant. This new regulation replaces the 1995 EU Data Protection Directive, and is intended to plug the trust gap, by modernizing the legislation that safeguards personal data within the EU. It makes protection levels...