1. Home
  2. |Insights
  3. |No Post-Thanksgiving Break for Cyber – DoD and NIST Publish New Guidance

No Post-Thanksgiving Break for Cyber – DoD and NIST Publish New Guidance

Client Alert | 1 min read | 12.01.17

Both the Department of Defense and National Institute of Standards & Technology (NIST) have put pen to paper and provided new information for contractors looking to comply with DFARS 252.204-7012 and its accompanying cybersecurity requirements under NIST Special Publication (SP) 800-171.  Earlier this week, the DoD posted guidance explaining that contractors can still use system security plans (SSPs) under the original version of NIST SP 800-171 to “document implementation” under the DFARS Clause, despite that version not including SSPs as a security control requirement.  Separately, NIST published a draft of NIST SP 800-171A, Assessing Security Requirements for Controlled Unclassified Information, providing guidance to both contractors and their customers regarding how to conduct assessments under NIST SP 800-171.  Importantly, the draft is open to comment through December 27, 2017, providing contractors with a unique opportunity to weigh in on how their customers may ultimately judge compliance with the DFARS Clause’s security requirements.


Insights

Client Alert | 3 min read | 09.17.25

The “Climate Cartel” – U.S. State AGs Cite Antitrust and Consumer Protection Concerns to Take Aim at Domestic and International Organizations

On August 8, 2025, the Attorneys General of 23 Republican-led U.S. states (the “AGs”) sent a letter to Science Based Targets Initiative (“SBTi”), a U.K. non-profit climate organization, expressing concern with the SBTi’s climate initiatives.[1]SBTi had previously received a subpoena from Florida Attorney General James Uthmeier in connection with his office’s investigation into what he described as a “climate cartel,” which he alleges includes SBTi and CDP (formerly the Carbon Disclosure Project).[2]...