NIST 800-171 rev. 3 is Coming ... But Not How You Think cover art

NIST 800-171 rev. 3 is Coming ... But Not How You Think

NIST 800-171 rev. 3 is Coming ... But Not How You Think

Listen for free

View show details

Summary

NIST SP 800-171 Revision 3 has been out for two years.

DFARS 252.204-7012 says to use the most current version.

So why are defense contractors still using Revision 2?

Because they're supposed to.

In this episode, we break down the temporary rule that overrides the DFARS clause and keeps the entire ecosystem aligned on Revision 2.

We cover:

• What a class deviation actually is and why it matters

• Why DoD had to pause the shift to Revision 3

• How CMMC rulemaking controls the transition

• And when Revision 3 will realistically start showing up in contracts

Bottom line: contractors aren't behind. The rules haven't changed yet.

.......

Register for Summit 7 Live: https://www.summit7.us/s7live

171r3: https://csrc.nist.gov/pubs/sp/800/171/r3/final

DFARS 7012 deviation (PDF): https://www.acq.osd.mil/dpap/policy/policyvault/USA001074-24-DPC.pdf

32 CFR 170: https://www.ecfr.gov/current/title-32/subtitle-A/chapter-I/subchapter-G/part-170

Class deviation podcast: https://youtu.be/voziZRAMvv4?si=3xHm7I_gIeQTQxLf

Class deviation press release: https://www.war.gov/News/Releases/Release/Article/3763953/department-of-defense-issues-class-deviation-on-cybersecurity-standards-for-cov/

adbl_web_anon_alc_button_suppression_c
No reviews yet
In the spirit of reconciliation, Audible acknowledges the Traditional Custodians of country throughout Australia and their connections to land, sea and community. We pay our respect to their elders past and present and extend that respect to all Aboriginal and Torres Strait Islander peoples today.