Article by Jackson Barnett. Original article can be found here: https://www.fedscoop.com/nist-800-172-cybersecurity-guidelines/
Highlights from the article:
In a new special publication, NIST SP 800-172, the agency details how systems administrators should arrange networks and which security practices could provide additional protection from advanced persistent threats (APTs) — the industry term for hacking groups typically associated with foreign governments.
This special publication builds upon NIST’s SP 800-171, a set of requirements that often apply to federal contracts that deal with controlled unclassified information (CUI).
Exfiltrations of sensitive data from companies handling CUI led the Pentagon to launch the Cybersecurity Maturity Model Certification (CMMC) program to ensure contractors are meeting requirements through third-party verification.