SafeLogic and Kratos Defense collaborated to assemble the authoritative guide to encryption prerequisites for NIST 800-171, and by extension, CMMC.
Organizations that need to comply with CMMC Level 2 or higher should understand:
- The intersection between NIST SP 800-171, the FIPS 140 standard for
cryptography, and CMMC controls
- CMMC Practices that directly reference encryption requirements
- CMMC Level 2 and 3 compliance requirements for FIPS 140 validation
- The distinction between FIPS Validated and FIPS Compliant encryption
- And the process to achieve FIPS 140 validation with recommended strategies