search
Ask ACHR NEWS AI
cart
facebook twitter instagram linkedin youtube
  • Sign In
  • Subscribe
  • Sign Out
  • My Account
  • NEWS
  • PRODUCTS
  • SHEET METAL
    • Fabrication
    • Workers
    • Machinery
    • Architectural Sheet Metal
    • Metal Roofing
  • OTHER TOPICS
    • Duct Sealing & Cleaning
    • Spiral Duct
    • Shop Layout
    • Steel Reports
  • EDUCATION
    • Columns
    • Apprenticeship Reviews >
      • Submit Review
    • Sheet Metal Unions Map
    • Sheet Metal History
    • History of SNIPS NEWS
    • Webinars
  • DIRECTORY
  • MORE
    • Newsletter
    • eMagazine
    • Videos
    • Podcasts
    • Quiz
    • SNIPS NEWS Store
    • Contractor of the Year
    • Sponsor Insights
  • SIGN UP
  • Back to The NEWS
SNIPS NEWSSheet Metal And HVAC Industry News

New NIST Guidelines Protect Sensitive Information

NIST has updated these guidelines for consistency and ease of use

By SNIPS NEWS Editorial Staff
NIST
May 17, 2024

Contractors and other organizations that do business with the federal government now have clearer, more straightforward guidance for protecting the sensitive data they handle. 

The National Institute of Standards and Technology (NIST) has finalized its updated guidelines for protecting this data, known as controlled unclassified information (CUI), in two publications: Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations (NIST Special Publication [SP] 800-171, Revision 3), and its companion, Assessing Security Requirements for Controlled Unclassified Information (NIST SP 800-171A, Revision 3). 

These guidelines require organizations to safeguard CUI such as intellectual property and employee health information. Systems that process, store and transmit CUI often support government programs involving critical assets, such as weapons systems and communications systems, which are potential targets for adversaries. 

The two publications draw on NIST’s source catalog of security and privacy controls (NIST SP 800-53) and assessment procedures (NIST SP 800-53A). Before this update, the wording of these documents did not match the language of the source catalogs, potentially creating ambiguity in the security requirements and uncertainty in security requirement assessments. The update is designed to address these issues and also streamline and harmonize NIST’s portfolio of cybersecurity guidance.

“For the sake of our private sector customers, we want our guidance to be clear, unambiguous and tightly coupled with the catalog of controls and assessment procedures used by federal agencies,” said NIST’s Ron Ross, one of the publications’ authors. “This update is a significant step toward that goal.”

NIST released draft versions of the guidelines for public comment last year. Ross said that the update acknowledges the community’s interest in making the safeguards available in machine-readable formats, such as JSON and Excel, which would benefit cybersecurity tool developers and implementing organizations. These alternate formats are now available through NIST’s Cybersecurity and Privacy Reference Tool. 

“Toolmakers often want to import relevant sections of the guidance directly into an electronic form for easier reference and use,” he said. “Providing the guidance in these additional formats will allow them to do that. It will help a wider group of users to understand the requirements and implement them more quickly and efficiently.”

Additionally, to assist implementers already using Revision 2, NIST has issued an analysis of changes that details how each requirement has evolved. 

The companion publication, SP 800-171A, is designed to help users assess the security requirements in SP 800-171 to determine if the requirements have been met. The publication includes a complete set of updated assessment procedures that correspond to the changes to the security requirements as well as new material to illustrate how to conduct security requirement assessments.

In the coming months, NIST plans to revise other supporting publications on protecting CUI associated with high-value assets and critical programs. These forthcoming updates will include NIST SP 800-172 (enhanced security requirements) and NIST SP 800-172A (enhanced security requirement assessments). 

Read more about the release at the NIST Computer Security Resource Center.

This article was originally posted on www.missioncriticalmagazine.com.
Source: The National Institute of Standards and Technology (NIST)
KEYWORDS: cybersecurity federal contractors

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

 

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • HVAC-enrollment

    The Trades Are Back: HVACR Programs See Nearly 30% Enrollment Spike

    A new wave of future technicians is entering the pipeline.  
    News
    By: Matt Jachman
  • 2025 Top 40 Under 40

    2025 Top 40 Under 40 HVACR Professionals List

    The 11th annual Top 40 Under 40 list highlights those...
    HVAC Light Commercial Market
    By: Hannah Belloli-Oster
  • LG Ductless Mini-Split Systems

    The 9 Types of Heat Pumps

    As the U.S. moves toward electrification, heat pumps are...
    Heat Pumps
    By: Joanna R. Turpin

More Videos

SNIPS NEWS Buyers Guide
Explore Carlisle HVAC Insights

Related Articles

  • Bags designed to protect sensitive equipment

    See More
  • NIST

    Thermal Magic: New NIST Nano-Thermometers Aim to Revolutionize Temperature Imaging

    See More
  • Oct. 27, 2014: New NIST Tool Evaluates Building Performance, Trade-offs

    See More

Related Products

See More Products
  • SMACNA-logo8.gif

    Residential Sheet Metal Guidelines

  • Building Information Modeling: Planning and Managing Construction Projects with 4D CAD and Simulations

See More Products

Events

View AllSubmit An Event
  • December 30, 2030

    Webinar Sponsorship Information

    For webinar sponsorship information, visit www.bnpevents.com/webinars or email webinars@bnpmedia.com.
View AllSubmit An Event
×

Sign Up. Stay Informed.

The #1 trusted source for the HVACR industry since 1926

SUBSCRIBE
  • RESOURCES
    • Advertise
    • Contact Us
    • Advisory Board
    • Classifieds
    • Submit a Letter
    • Directories
    • Store
  • ACCOUNT CENTER
    • Create an Account
    • Start a Subscription
    • Manage My Account
    • Sign Up for Newsletters
    • Visit Customer Service
    • Update Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • Instagram
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2026. All Rights Reserved BNP Media, Inc. and BNP Media II, LLC.

Design, CMS, Hosting & Web Development :: ePublishing