1. Home
  2. |Insights
  3. |NIST Finalizes Enhanced Security Requirements for Combating Advanced Cyber Threats

NIST Finalizes Enhanced Security Requirements for Combating Advanced Cyber Threats

Client Alert | 1 min read | 02.09.21

The National Institute of Standards and Technology (NIST) recently released the final version of NIST Special Publication (SP) 800-172, Enhanced Security Requirements for Protecting Controlled Unclassified Information. Designed to supplement the requirements in NIST SP 800-171—the applicable standard under DFARS 252.204-7012—800-172 provides 35 enhanced security requirements to protect controlled unclassified information (CUI) associated with critical programs and high value assets from sophisticated adversaries referred to as advanced persistent threats (APTs).

Although expected to impact relatively few contractors, where applicable, agencies may include select enhanced security requirements from 800-172 in their contract provisions. The Department of Defense (DoD) has also incorporated several of the requirements identified in prior drafts of 800-172 into maturity levels 4 and 5 of the Cybersecurity Maturity Model Certification (CMMC).

Contacts

Insights

Client Alert | 6 min read | 11.03.25

ICE Is Suddenly At The Door: How Retailers, Hospitals, And Hotels Can Survive The Surprise Visitor

Imagine a typical morning at your retail store, hospital, or hotel—customers are arriving, staff are busy, and suddenly, federal agents from ICE appear at your front desk. The surprise is real, but panic does not have to be. Unannounced inspections conducted by Immigration and Customs Enforcement (ICE) inspectors have been occurring for years, but in recent months, ICE has ramped up inspection visits across the service sector, targeting I-9 compliance and employment records. These visits are not always dramatic raids; more often, they are routine checks that can escalate if your team is not prepared....

View All Insights