NIST Publishes Minor Revisions to SP 800-171

February 21, 2020

Today, the National Institute of Standards and Technology ("NIST") published Special Publication 800-171, Revision 2, Protecting Controlled Unclassified Information (CUI) in Nonfederal Systems and Organizations.

 

According to the press release, NIST SP 800-171 Rev. 2 contains only minor editorial changes and does not change any of the basic and derived security requirements under the framework:

 

Revision 2 provides minor editorial changes in Chapters One and Two, and in the Glossary, Acronyms, and References appendices. There are no changes to the basic and derived security requirements in Chapter Three.

 

As many defense contractors are aware, NIST SP 800-171 contains the security controls that contractors must currently self-certify compliance with when their contracts include DFARS 252.204-7012, Safeguarding Covered Defense Information and Cyber Incident Reporting.  

 

NIST SP 800-171 also serves as a foundational element in the Department of Defense's new CMMC framework (i.e., contractors assessed at CMMC Level 3 will be compliant with NIST SP 800-171). When the CMMC is fully implemented, all defense contractors will be required to obtain a third-party assessment of their cybersecurity posture to be eligible to compete for defense contracts.

 

NIST SP 800-171 Rev. 2.

 

. . .

 

#cyberjudicata #nist

 

 

Share on Facebook
Share on Twitter
Please reload

Contact Matross Edwards

www.MatrossEdwards.com

info@MatrossEdwards.com

202.854.9959

Search By Tags
Connect
  • Matross Edwards
  • LinkedIn
  • Twitter

Copyright © 2020 Joshua B. Duvall. All rights reserved.

CyberJudicata™ #cyberjudicata

LegalJudicata™ #legaljudicata

GovConJudicata™ #govconjudicata