1. Home
  2. |Insights
  3. |Just in Time for Spring: Revision 2 to NIST SP 800-171 Comes into Full Bloom

Just in Time for Spring: Revision 2 to NIST SP 800-171 Comes into Full Bloom

Client Alert | 1 min read | 03.12.20

The National Institute of Standards and Technology (NIST) recently released its final version of Revision 2 to the cybersecurity standard NIST Special Publication (SP) 800-171. While the security controls remain unchanged, Revision 2 now incorporates implementation guidance into each control.  Importantly though, such guidance remains non-binding and is not intended to extend the scope of the controls’ requirements.  

For future solicitations, Revision 2 will replace Revision 1 as the applicable standard under DFARS 252.204-7012. It remains to be seen how the finalization of Revision 2 will impact the Department of Defense’s Cybersecurity Maturity Model Certification (CMMC). Currently, many CMMC practices cite to Revision 1, while “Discussion” sections cite to the draft version of Revision 2.

Lastly, although introduced in draft form at the same time as Revision 2, the separate standard NIST SP 800-171B – describing enhanced security controls intended to mitigate the risks of Advanced Persistent Threats (APTs) – remains unfinalized.


Contacts

Insights

Client Alert | 8 min read | 12.11.25

Director Squires Revamps the Workings of the U.S. Patent Office

In March 2025, President Trump nominated John A. Squires for the positions of Under Secretary of Commerce for Intellectual Property and Director of the United States Patent and Trademark Office (USPTO). After being approved by the Senate Judiciary Committee by a vote of 20-2, Squires was confirmed by the Senate on September 17, 2025, by a vote of 51-47 after anti-filibuster measures were invoked. During and after the confirmation process, Squires emphasized several goals for the USPTO during his time as Director. Such goals included:...

View All Insights