Jarret Cummings, EDUCAUSE Review
A few days before Christmas last year, Federal Student Aid (FSA), an office of the US Department of Education (ED), released a notice providing a high-level overview of its cybersecurity compliance plans. FSA posted the notice with little warning or opportunity to provide feedback in advance. The notice begins with FSA announcing its intention to establish a Campus Cybersecurity Program framework. At this point, what FSA means by a “Campus Cybersecurity Program” remains unclear, as does the role, if any, that higher education cybersecurity leaders and professionals might play in its development and application. The notice does make clear, however, that the NIST SP 800-171 controlled unclassified information (CUI) guidelines will form the foundation of the program that FSA is envisioning:
https://er.educause.edu/articles/2021/3/800-171-compliance-on-the-horizon
Share on Facebook