The National Institutes of Science and Technology (NIST) has published a supplement to Special Publication (SP) 800-171 outlining requirements for a non-federal organization to develop a cyber program that is resilient against state-sponsored hackers. NIST SP 800-172, “Enhanced Security Requirements for Protecting Controlled Unclassified Information,” offers additional recommendations for defending controlled unclassified information (CUI) against advanced persistent […]