NIST 800 Compliance
Why Does NIST 800 Matter to My Organization?
First, NIST 800 are policy directives on how to set up and secure one of the largest IT environments in the country. The special publications in most cases represent the best practices for keeping an IT environment safe and secure. While not necessarily all publications are applicable to all organizations, many organizations model their own IT security on information from NIST 800. Second, companies seeking to contract for the federal government need a degree of compliance with NIST 800. In particular, NIST Special Publication 800-171, Protecting Controlled Unclassified Information(“CUI”) in Nonfederal Information Systems and Organizations spells out compliance requirements for current and prospective contractors.