Double Whammy: NIST Unveils Draft Enhanced Security Requirements and Revisions to NIST SP 800-171
Client Alert | 1 min read | 06.21.19
The National Institute of Standards and Technology (NIST) has released drafts of NIST SP 800-171 Revision 2 and a companion standard NIST SP 800-171B, designed to protect Controlled Unclassified Information (CUI) from advanced persistent threats (APTs). 800-171B details 33 “enhanced” controls, reflecting core principles of penetration resistance, damage-limiting operations, and resiliency. Specific controls include those related to segregation, hunt teams, AI-enabled tools, IoT security, and supply chain – some of which arguably do not have firm industry definitions.
Unlike the non-substantive updates to Revision 2, 800-171B will apply only to contractors handling CUI that the government determines is part of a “critical program” or is a “high value asset.” A cost estimate from the Department of Defense – expected to quickly implement 800-171B – anticipates that less than one percent of its contractors will be impacted but that (allowable) costs could exceed $1 million.
Comments for all three documents are due July 19, 2019.
Contacts
Partner, Crowell Global Advisors Senior Director
- Washington, D.C.
- D | +1.202.624.2698
- Washington, D.C. (CGA)
- D | +1 202.624.2500
Insights
Client Alert | 4 min read | 01.15.26
Access to Public Domain Documents Pilot: Practice Direction 51ZH
The Pilot codifies the position at common law, set out by Lady Hale in Cape Intermediate Holdings Ltd v Dring [2019] UKSC 38, which permits the public the right of access to documents placed before a court and referenced in a public hearing[4]. This Pilot will apply to cases heard in the Commercial Court, the London Circuit Commercial Court (King’s Bench Division), and the Financial List (Commercial Court and Chancery Division)[5].
Client Alert | 4 min read | 01.14.26
Client Alert | 3 min read | 01.13.26
Client Alert | 7 min read | 01.13.26
