E Point Perfect
Law \ Legal

Do Business With the Federal Government? Here’s a 2022 Cybersecurity Recap: Part Two – NIST SP 800-171, Revision 3


In this second in our series, we look at the long awaited update to NIST SP 800-171, “Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations,” which is expected to be released in late spring 2023. NIST SP 800-171 forms the backbone for contractor security requirements in Department of Defense regulations and the CMMC program. It remains unclear if this update will impact the rollout of the CMMC program. 

The National Institute of Standards and Technology (NIST) sought feedback in July 2022 on improvements to NIST SP 800-171 and the related CUI series of publications. It released an analysis of the public feedback in November 2022. According to NIST, the update will align requirements with NIST SP 800-53, Revision 5 and include an overlay of CUI security requirements to NIST SP 800-53. 

Putting it Into Practice – What to Expect in 2023: We expect to see further efforts to adopt a government-wide regulation protecting Controlled Unclassified Information, based on NIST SP 800-171, in the Federal Acquisition Regulations (FAR). Contractors subject to DoD regulations should continue to monitor for updates to the NIST CUI series and ensure ongoing compliance with these standards.


Source link

Related posts

NAAG Consumer Protection Meeting: State Attorneys General 2022 Year in Review

What’s it mean to challenge the “validity” of a will and why does it matter?

FCC Approves RED Technologies to Begin Initial SAS Deployment in 3.5 GHz Band

How China Customs Enforces the Export Control Law

Best Practices and Considerations for Employee Demand Letters, Charges and Early-Stage Lawsuits

The FCPA Turns 45 – LexBlog