NIST Revises SP 800-171 Guidelines for Protecting Sensitive Information

Home / Articles / External / Government


May 30, 2023 | Originally published by NIST on May 10, 2023

The National Institute of Standards and Technology (NIST) has updated its draft guidelines for protecting sensitive unclassified information in an effort to help federal agencies and government contractors more consistently implement cybersecurity requirements.

The revised draft guidelines, Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations (NIST Special Publication [SP] 800-171 Revision 3), will be of particular interest to the many thousands of businesses that contract with the federal government. Federal rules that govern the protection of controlled unclassified information (CUI), which includes such sensitive data as health information, critical energy infrastructure information, and intellectual property, reference the SP 800-171 security requirements. Systems that store CUI often support government programs containing critical assets, such as design specifications for weapons systems, communications systems, and space systems.

Focus Areas