NIST Updates SP 800-171 to Help Defend Sensitive Information from Cyberattack

Illustration of computer graphics with a padlock and the message "Hacking detected."

An update to one of the National Institute of Standards and Technology’s (NIST) information security documents offers strategies to help protect sensitive information that is stored in computers supporting critical government programs and high value assets.

The document, entitled Draft NIST Special Publication (SP) 800-171 Revision 2: Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations, now has a new draft companion publication, NIST SP 800-171B, that offers additional recommendations for handling Controlled Unclassified Information (CUI) in situations where that information runs a higher than usual risk of exposure. CUI includes a wide variety of information types, from individuals’ names or Social Security numbers to critical defense information.