Ep 108: Understanding the Legalities Around CUI

The Virtual CISO Podcast - A podcast by John Verry - Tuesdays

Orgs in the DIB need to protect CUI in alignment with the NIST 800-171 cybersecurity standard—and soon the Cybersecurity Maturity Model Certification (CMMC) requirements—or face legal and compliance penalties as well as potential lost business.

To clarify the biggest questions and reveal the most dangerous unknowns in the convoluted realm of CUI, your host John Verry, Pivot Point Security CISO and Managing Partner, sits down with Stephanie Siegmann, Partner and Chair at Hinckley Allen, to share her knowledge on the subject.

Join us as we discuss:

· The difference between CUI Basic and CUI Specified
· Criminal penalties for “export controlled” CUI violations that will probably shock you
· Sound advice on handling data subject to ITAR, NOFORN and other regulations
· How to get your CUI questions answered—and what to do if you’re still not sure
· The US Department of Justice Civil Cyber Fraud initiative, the False Claims Act, and why you don’t want to fire the whistleblower

To hear this episode, and many more like it, we would encourage you to subscribe to The Virtual CISO Podcast here. You can find all our full-length and short-form episodes here.

Listening on a desktop & can't see the links? Just search for The Virtual CISO Podcast in your favorite podcast player.