The National Institute of Standards and Technology has pushed back the release of its revised cybersecurity standards for Department of Defense contractors until after the review of a related set of standards is completed, Inside Defense reported Friday.
NIST delayed its issuance of Special Publication 800-171 Revision 2, known as “Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations,” due to the Office of Management and Budget’s pending completion of its review of SP 800-53. Revision 5 of SP 800-53 was originally intended to cover controls on supply chain, system design, privacy and cyber resiliency matters.
NIST noted that it put the release of SP 800-171 on hold “due to dependencies on SP 800-53.†SP 800-171 includes guidelines for cyber incident reports that DoD contractors handling unclassified information must be able to achieve.
