Our Thoughts on the New Nist 800-171 Revision a, and Why This Matters to You!

The revision changes a few things, but the general gist remains the same; protecting CUI is NOT an option, it’s the law.

We Just Finished Reviewing the NIST 800-171 Revision A.

Bottom Line Up-Front:  The revision changes a few things, but the general gist remains the same; protecting CUI is NOT an option, it’s the law.  Guidance is given on how to perform an assessment (crash course), but folks will still require all in-depth technical knowledge to be able to definitively give the answer to every question and collect the evidence.  The experts have put in the time to know this, let us ensure you are safe, compliant, and now LEGAL.

Our Key Takeaways:

  • DIY assessment is a great start, but not the way to attest.  Reference the 7 missile contractors from the DoDOIG article who self-assessed and all failed.
  • The time burden for an organization to accomplish this on their own is huge: 80 + hours.
  • More plain language, a glossary, and acronym listing means small mom and pops COULD read this and then realize they will never be able to comply

If you’re struggling with the NIST 800-171 requirements, we can help. Click here to learn more about CUICK TRAC™


Derek White
Director of Business Development & Partner
Derek’s commitment to positive and compliant outcomes for customers, specifically through subject matter expertise and collaboration with internal and external resources.

Speak With a NIST Security Expert at Beryllium InfoSec Today

To reach us please fill out the form below.
Thank you, we have received your free security consultation request. A security expert will reach out to you soon.
Oops! Something went wrong while submitting the form.