NIST Offers a Two-for-One Special on Cybersecurity Updates
Client Alert | 1 min read | 06.20.18
The government’s leading authority on cybersecurity standards has issued two updates relevant to government contractors working with DoD sensitive data. First, the National Institute of Standards and Technology (NIST) updated Special Publication (SP) 800-171, the security standard required by the DFARS Safeguarding Clause 252.204-7012 and also expected to be required under a pending FAR Clause. In addition to nuanced security control revisions, notable changes include the addition of Appendix F, which discusses security requirements derived primarily from the separate standard NIST SP 800-53 in an effort to inform organizations about mechanisms and procedures used to implement required safeguards. Second, NIST finalized its draft of NIST SP 800-171A. This sister document provides guidance in assessing NIST SP 800-171 security controls, including System Security Plans (SSPs) and Plans of Action and Milestones (POAMs). Changes in the finalized guidance include the removal of NIST SP 800-53 guidance in Appendix D and its replacement with three assessment methods – Examine, Interview, and Test – that can be used to assess security requirements under NIST SP 800-171.
Contacts
Partner, Crowell Global Advisors Senior Director
- Washington, D.C.
- D | +1.202.624.2698
- Washington, D.C. (CGA)
- D | +1 202.624.2500
Insights
Client Alert | 3 min read | 10.10.25
New Post Appeals Mediation Pilot Program
On October 1, 2025, the IRS Independent Office of Appeals launched a two-year pilot program to make Post Appeals Mediation (PAM) more attractive and accessible to taxpayers. See IRS Announcement 2025-10. The new PAM pilot program offers taxpayers the opportunity to be assigned to a new Appeals team, which is otherwise unconnected to the underlying case, who will represent the original Appeals team in the mediation session. The assignment of the new Appeals team does not begin a new appeals process but rather is intended to help facilitate an expedited and impartial look at the underlying case with the goal of further exploring all potential paths to resolution prior to litigation.
Client Alert | 1 min read | 10.09.25
New California Algorithmic Pricing Law Could Have Far Reaching Effects
Client Alert | 5 min read | 10.08.25
California’s AI Transparency Act (CAITA) May be Amended to Regulate Social Media Platforms
Client Alert | 6 min read | 10.08.25
Hacker No Fly Zone: FAA and TSA Propose Cybersecurity Rules for Drone Ecosystem