Final Draft of NIST SP 800-171A Gives Contractors Something to Sample
Client Alert | 1 min read | 03.01.18
Last week, the National Institute of Standards and Technology (NIST) released its Final Draft of NIST Special Publication (SP) 800-171A, which will again be open for comment through March 23, 2018. First proposed in November, the publication provides guidance to both contractors and agencies regarding how to conduct assessments under the prominent cybersecurity standard NIST SP 800-171, which lays the foundation for how contractors must protect all forms of Controlled Unclassified Information, including Covered Defense Information. The Final Draft may be most notable for what it references but does not actually include: In response to initial comments requesting sample system security plan (SSP) templates, the Final Draft explains that NIST will post sample templates to its Computer Security Resource Center. Not wasting any time, sample templates of both a SSP and Plan of Action & Milestone (POAM) document are already available.
Contacts
Senior Counsel
She/Her/Hers
Insights
Client Alert | 3 min read | 04.26.24
CFIUS Proposes Enhanced Enforcement and Mitigation Rules and Steeper Penalties for Non-Compliance
On April 11, 2024, the Committee on Foreign Investment in the United States (“CFIUS” or the “Committee”) announced proposed amendments to its enforcement and mitigation regulations, marking the first substantive update to CFIUS’s mitigation and enforcement provisions since the enactment of the Foreign Investment Risk Review Modernization Act of 2018. The Committee issued a notice of proposed rulemaking ("NPRM”) that would modify the regulations that apply to certain investments and acquisitions, as well as real estate transactions, by foreign persons as follows:
Client Alert | 3 min read | 04.25.24
JUST RELEASED: EPA’s Bold New Strategic Civil-Criminal Enforcement Collaboration Policy
Client Alert | 6 min read | 04.25.24
Client Alert | 3 min read | 04.24.24
