Category Archives: National Institute of Standards and Technology (NIST)

Subscribe to National Institute of Standards and Technology (NIST) RSS Feed

NIST Releases Highly-Anticipated Draft Special Publication on Assessing the Security Requirements in NIST SP 800-171 for Controlled Unclassified Information (CUI)

Pursuant to DFARS 252.204-7012, DoD contractors are to implement the security requirements in NIST Special Publication (SP) 800-171 by December 31, 2017. NIST SP 800-171 includes security requirements for protecting Controlled Unclassified Information (CUI) in nonfederal systems and is expected soon to be required under civilian agency contracts through a forthcoming FAR case. On November … Continue Reading

ALERT: NIST Issues Final Guidance on Federal Contractor Cybersecurity Standards for Controlled Unclassified Information

On June 19, 2015, the National Institute of Standards and Technology (“NIST”) published the final version of guidance for federal agencies to ensure sensitive information remains confidential when stored outside of federal systems.  The guidelines, Special Publication 800-171, Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations, apply to nonfederal information systems and organizations … Continue Reading

Another Prologue to Cybersecurity Regulations: Controlled Unclassified Information (“CUI”) – What Contractors Need to Know and Why They Should Care

Government contractors should take note of a proposed new rule that could impose significant new data storage obligations when finalized.  The Federal Government is taking another baby-step towards cybersecurity regulation with a proposed rule intended to standardize protocols relating to designating and safeguarding unclassified information that is to be withheld from public disclosure (also known … Continue Reading

The Cybersecurity Race: Executive Branch Takes The Lead While Congress Watches From The Bleachers

The federal government sector has been abuzz lately with whispers and shouts about pending cybersecurity regulations, frameworks, and requirements. This attention is not particularly surprising, especially given the recent high-profile data breaches, the litigation threats surrounding those breaches, the recent identification of the encryption-disabling, consumer data threatening “Heartbleed SSL” OpenSSL vulnerability, and recent reports that … Continue Reading
LexBlog