top of page

From New guidelines from NIST on how to avoid cyberattacks from a nation-state

Updated: Mar 3

Highlights from the article:

  • In a new special publication, NIST SP 800-172, the agency details how systems administrators should arrange networks and which security practices could provide additional protection from advanced persistent threats (APTs) — the industry term for hacking groups typically associated with foreign governments.

  • This special publication builds upon NIST’s SP 800-171, a set of requirements that often apply to federal contracts that deal with controlled unclassified information (CUI).

  • Exfiltrations of sensitive data from companies handling CUI led the Pentagon to launch the Cybersecurity Maturity Model Certification (CMMC) program to ensure contractors are meeting requirements through third-party verification.


bottom of page