1. Home
  2. |Insights
  3. |NIST Offers a Two-for-One Special on Cybersecurity Updates

NIST Offers a Two-for-One Special on Cybersecurity Updates

Client Alert | 1 min read | 06.20.18

The government’s leading authority on cybersecurity standards has issued two updates relevant to government contractors working with DoD sensitive data. First, the National Institute of Standards and Technology (NIST) updated Special Publication (SP) 800-171, the security standard required by the DFARS Safeguarding Clause 252.204-7012 and also expected to be required under a pending FAR Clause. In addition to nuanced security control revisions, notable changes include the addition of Appendix F, which discusses security requirements derived primarily from the separate standard NIST SP 800-53 in an effort to inform organizations about mechanisms and procedures used to implement required safeguards. Second, NIST finalized its draft of NIST SP 800-171A. This sister document provides guidance in assessing NIST SP 800-171 security controls, including System Security Plans (SSPs) and Plans of Action and Milestones (POAMs). Changes in the finalized guidance include the removal of NIST SP 800-53 guidance in Appendix D and its replacement with three assessment methods – Examine, Interview, and Test – that can be used to assess security requirements under NIST SP 800-171.

Insights

Client Alert | 3 min read | 03.28.24

UK Government Seeks to Loosen Third Party Litigation Funding Regulation

On 19 March 2024, the Government followed through on a promise from the Ministry of Justice to introduce draft legislation to reverse the effect of  R (on the application of PACCAR Inc & Ors) v Competition Appeal Tribunal & Ors [2023] UKSC 28.  The effect of this ruling was discussed in our prior alert and follow on commentary discussing its effect on group competition litigation and initial government reform proposals. Should the bill pass, agreements to provide third party funding to litigation or advocacy services in England will no longer be required to comply with the Damages-Based Agreements Regulations 2013 (“DBA Regulations”) to be enforceable....