Cybersecurity, Privacy, & AI


NIST Offers a Two-for-One Special on Cybersecurity Updates

The National Institute of Standards and Technology has issued two updates relevant to government contractors working with DoD sensitive data.

First, it has updated Special Publication 800-171, the security standard required by the DFARS Safeguarding Clause 252.204-7012 and also expected to be required under a pending FAR Clause. Notable changes include the addition of Appendix F, which discusses security requirements derived primarily from NIST SP 800-53, in an effort to inform organizations about mechanisms and procedures used to implement required safeguards.

Second, NIST finalized its draft of NIST SP 800-171A. This sister document provides guidance in assessing NIST SP 800-171 security controls, including System Security Plans and Plans of Action and Milestones. Changes in the finalized guidance include the removal of NIST SP 800-53 guidance in Appendix D and its replacement with three assessment methods – Examine, Interview, and Test – that can be used to assess security requirements under NIST SP 800-171.
