NIST SP 800-171 is a set of cybersecurity standards developed by the National Institute of Standards and Technology (NIST) to protect Controlled Unclassified Information (CUI) in nonfederal systems and organizations. It outlines 97 security requirements across 17 control families, covering areas such as access control, system configuration, and incident response, aimed at safeguarding sensitive government information stored or processed by contractors and other entities working with the US government. Compliance is mandatory for organizations handling CUI, requiring them to implement appropriate security controls, conduct self-assessments, and maintain documentation like a System Security Plan to demonstrate adherence. The goal is to ensure a consistent baseline of cybersecurity across the federal supply chain and prevent data breaches that could impact national security or economic interests.
Publication's URL
URL: https://csrc.nist.gov/pubs/sp/800/171/r3/finalPublication's scorecard
Country:
Scope: Cyber
Typology: Standard
Publication's date: May 14, 2024
Category: Data Protection & AI
Sector: Cross-Sector
Rating:
(No Ratings Yet)
Loading...