Stay Compliant. Stay Competitive.
Federal contracts are raising the bar on cybersecurity. With the new FAR regulation regarding cybersecurity, contractors must follow strict safeguards to protect Controlled Unclassified Information (CUI) and other sensitive data. You’ll need to maintain strong security practices, report incidents quickly, and prove compliance on demand. InfoPathways makes it simple with expert guidance, tailored solutions, and the tools you need to stay audit-ready and competitive.
Here’s What You Need to Know
The new rule introduces two key clauses that apply to different contract situations:
At InfoPathways we’re here to help you understand which clause applies to your project and ensure your systems and your team are prepared, regardless of the contract type.
Your To-Do List
- NIST SP 800-171 Rev. 2
- Eight-Hour Reporting Rule
- Training Requirement for Staff and Subcontractors
- Audit-Readiness
Comply with NIST SP 800-171 Rev. 2
Federal contractors handling Controlled Unclassified Information (CUI) must fully implement all 110 cybersecurity controls outlined in NIST SP 800-171 Rev. 2. These controls cover everything from access controls and encryption to incident response and system monitoring.
How InfoPathways Helps: Our compliance experts conduct gap assessments, help implement required controls, and document your progress with the tools federal agencies expect to see.
Be Ready to Follow the Eight-Hour Reporting Rule
If you experience a potential cyber incident involving CUI—or discover that CUI has been mislabeled or exposed—you must report it to the government within 8 hours. This includes anything from phishing attacks to misrouted emails containing project plans.
How InfoPathways Helps: We’ll design and document your incident response plan, train your team on how to recognize and respond, and even act as your partner in rapid reporting and mitigation.
Follow the Training Requirement for Staff and Subcontractors
The rule requires all employees, and even subcontractors, who handle CUI to receive specialized training on how to protect it. Training content and frequency may vary by agency, but documentation is always required.
How InfoPathways Helps: We provide customized CUI training tailored to your industry and workforce. We also track training completion and help you meet federal documentation requirements.
Maintain Documentation & Be Audit-Ready
Contractors must maintain formal documentation to prove compliance, including:
- A System Security Plan (SSP) describing how controls are implemented
- A Plan of Action and Milestones (POA&M) for any unmet requirements
- Evidence of employee training and cybersecurity hygiene
These documents may be requested by contracting officers or audited without notice.
How InfoPathways Helps: We create and maintain your documentation, ensuring it’s complete, up to date, and written in the format federal reviewers expect.
Free Cyber Evaluation
Not sure if you’re ready for the new rules? Our free cybersecurity evaluation will quickly identify gaps in your systems, processes, and documentation. You’ll get a clear, actionable plan to meet federal standards—so you can bid on contracts with confidence.

*InfoPathways reserves the right to decline requests for complimentary cybersecurity evaluations based on factors such as an organization’s location, size, industry, existing service provider relationships, or other relevant characteristics.