NIST 800-171 Rev 2 is an updated version of a security requirements document published by NIST. It focuses on protecting Controlled Unclassified Information (CUI) in nonfederal systems and organizations.
Here's a breakdown of NIST 800-171 Rev 2:
- Updates for evolving threats: It builds on the foundation of NIST 800-171, addressing current cybersecurity threats and incorporating best practices.
- Recommendations, not mandates: While not mandatory for all organizations, it's widely recognized as a benchmark for securing CUI.
- Importance for government contractors: Organizations that handle CUI on behalf of the U.S. government are often required to implement the controls outlined in NIST 800-171 Rev 2. The DoD enforces this requirement through the Defense Federal Acquisition Regulation Supplement (DFARS).
Return to NIST Glossary