Cybersecurity & CUI
What is CUI?
CUIÌýwas defined inÌýÌýas information held by or generated for the Federal Government that requires safeguarding or dissemination controls. Research data and other project information that a research team receives, possesses, or creates during theÌýperformance of federally funded research may be CUI. The obligation to determine whether or not an award will involve CUI belongs to the federal sponsor; award documents should specifically identify CUI and applicable security requirements.Ìý
Resources & Education
Contact CU Boulder's Research Cybersecurity Program (itso-sec-review@colorado.edu)Ìýfor support.
What is CMMC?
CMMC is a unified assessment model created by DOD in response to the growing threat of cyberattacks and data theft from the defense contractors. CMMC is designed to ensure that DOD contractors and subcontractors adequately safeguard two categories of sensitive government information: Controlled Unclassified Information (CUI) and Federal Contract Information (FCI).
While DOD contractors have already been subject to information security requirements in DFARS and FAR clauses, CMMC builds on these existing requirements by requiring all DOD contractors and subcontractors who handle CUI and FCI during contract performance to certify compliance with security controls via mandatory self-assessments, third-party assessment, and affirmations of compliance.Ìý
Resources & Education
- CU Research Integrity & Security (RSI) CMMC Webpage
- Secure Research Computing Services: The Preserve
- Ìý
Contact CU Boulder's Research Cybersecurity Program (itso-sec-review@colorado.edu)Ìýfor support.
University of Colorado Office of Information Security (OIS)
The OIS offers many services to help ensure the privacy and proper handling of university information assets.ÌýThe following are provided in support of the university’s academic mission and the strategic vision of each campus.
- Security Posture Assessment
- Compliance Support
- Security Consulting and Review
- Awareness and Training
- Security Monitoring/Response
- Investigation Support
- Technology Solutions
- Policy and Governance
Resources & Education
Contact CU Office of Information Security (security@colorado.edu)Ìýfor support.
All CU community members have a stake in reducing cybersecurity risks that could impact the university’s financial, reputational, and legal standing. The mission of OIS is to provide you relevant and attainable guidance that will keep sensitive university information private and secure.
Resources & Education
Contact CU Office of Information Security (security@colorado.edu)Ìýfor support.
Center for the Development of Security Excellence (CDSE)
The offers several resources and trainings focused on topics related toÌýInformation Security and Cybersecurity, including:
Research and expertise across CUÌýBoulder.
Ìý Ìý
Our 12Ìýresearch institutes conduct more than half of
the sponsored research at CUÌýBoulder.
More than 75 research centers span the campus,
covering a broad range of topics.
A carefully integrated cyberinfrastructure supports CUÌýBoulder research.
Ìý Ìý