What is NIST 800-171 Rev 2?

NIST 800-171 Rev 2 is an updated version of a security requirements document published by NIST. It focuses on protecting Controlled Unclassified Information (CUI) in nonfederal systems and organizations.

Here's a breakdown of NIST 800-171 Rev 2:

• Updates for evolving threats: It builds on the foundation of NIST 800-171, addressing current cybersecurity threats and incorporating best practices.
• Recommendations, not mandates: While not mandatory for all organizations, it's widely recognized as a benchmark for securing CUI.
• Importance for government contractors: Organizations that handle CUI on behalf of the U.S. government are often required to implement the controls outlined in NIST 800-171 Rev 2. The DoD enforces this requirement through the Defense Federal Acquisition Regulation Supplement (DFARS).

Return to NIST Glossary