NIST Enhances Final Draft of NIST SP 800-172, Enhanced Security Requirements
Client Alert | 1 min read | 07.08.20
The National Institute of Standards and Technology (NIST) recently released the final public draft of NIST Special Publication (SP) 800-172, formerly known as Draft NIST SP 800-171B. Building on the security requirements in NIST SP 800-171, the applicable standard under DFARS 252.204-7012, 800-172 provides 34 enhanced requirements to protect Controlled Unclassified Information (CUI) associated with critical programs or high value assets from the risks posed by advanced persistent threats (APTs).
Unlike prior drafts, 800-172 incorporates the protection strategy and desired effects on the adversary directly into the implementation guidance for each control. The Department of Defense (DoD) expects 800-172 to impact fewer than one percent of defense contractors. However, numerous requirements from Draft 800-171B were incorporated into the Cybersecurity Maturity Model Certification (CMMC) Levels 4 and 5, likely giving commenters the opportunity to affect future CMMC revisions.
Comments for the final public draft are due August 21, 2020.
Contacts

Partner and Crowell Global Advisors Senior Director
- Washington, D.C.
- D | +1.202.624.2698
- Washington, D.C. (CGA)
- D | +1 202.624.2500
Insights
Client Alert | 4 min read | 07.06.26
House Advances Bipartisan Kids' Online Safety Bill, But Senate Showdown Looms
On June 22, 2026, House Energy and Commerce Committee Chairman Brett Guthrie (R-Ky.) and Ranking Member Frank Pallone (D-N.J.) announced a bipartisan agreement on a revised version of the KIDS Act (H.R. 7757), marking the most significant congressional advance on children's online safety legislation in years. The House passed H.R. 7757, as amended, on June 29, 2026, setting up a potential showdown with the Senate. The revised KIDS Act consolidates elements of 14 pending legislative proposals — including KOSA and COPPA 2.0, both of which have previously passed the Senate and cleared the House Energy and Commerce Committee — into a single, comprehensive framework. The announcement, however, was met immediately with objections from Senate sponsors and civil liberties groups, underscoring the difficult legislative road ahead.
Client Alert | 4 min read | 07.02.26
Client Alert | 4 min read | 07.02.26
Logged Out: How LOGZONE's DIBCAC Challenges Put It Squarely in DOJ's Crosshairs
Client Alert | 6 min read | 07.02.26

