January 18, 2021

Volume XI, Number 18

Advertisement

January 18, 2021

Subscribe to Latest Legal News and Analysis

NIST Finalizes Guidance on Security and Privacy Control Baselines – SP 800-53B

NIST has now finalized its guidance providing important information on selecting both security and privacy control baselines for the Federal Government. The guidance is available here: Special Publication 800-53B, Control Baselines for Information Systems and Organizations. As we previously discussed when the draft version was released, these control baselines are from NIST Special Publication 800-53, and have been moved to this separate publication as a consolidated catalog of privacy and security controls. While the implementation of a minimum set of controls is required for protecting federal information systems, NIST envisions that these control baselines can be implemented by any organization that processes, stores, or transmits information.

The overall purpose and intent of the guidance has not changed since we last reviewed the draft guidance, which you can review here. However, edits were made in the finalization process and this final version should be thoughtfully reviewed when implementing the control baselines.

Putting it Into Practice: Now that this guidance is final, federal contractors should review carefully as these new security and privacy baselines will be applied to any federal information system used or operated by a contractor on behalf of an agency, or another organization on behalf of an agency. Companies in the private sector should pay attention as well, as NIST guidance is often used as a basis for industry standards in security and privacy.

Advertisement
Copyright © 2020, Sheppard Mullin Richter & Hampton LLP.National Law Review, Volume X, Number 311
Advertisement

TRENDING LEGAL ANALYSIS

Advertisement
Advertisement

About this Author

Elfin Noce Business Trial Attorney
Associate

Elfin L. Noce is an Associate in the Business Trial Practice Group in the firm's Washington, D.C. office.

Practices

  • Litigation

Industries

  • Communications

Education

  • J.D., University of Missouri, Columbia, 2005

  • B.A., Truman State University, 2000

Admissions

  • *Not admitted in District of Columbia; supervised by partners of the firm

  • Missouri

202.747.2196
Jonathan E. Meyer, Sheppard Mullin, International Trade Lawyer, Encryption Technology Attorney
Partner

Jon Meyer is a partner in the Government Contracts, Investigations & International Trade Practice Group in the firm's Washington, D.C. office.

Mr. Meyer was most recently Deputy General Counsel at the United States Department of Homeland Security, where he advised the Secretary, Deputy Secretary, General Counsel, Chief of Staff and other senior leaders on law and policy issues, such as cyber security, airline security, high technology, drones, immigration reform, encryption, and intelligence law. He also oversaw all litigation at DHS,...

202-747-1920
Townsend Bourne, Government Affairs Attorney, Sheppard Mullin Law FIrm
Associate

Ms. Bourne's practice focuses on Government Contracts law and litigation. Her experience includes complex litigation in connection with the False Claims Act, bid protest actions both challenging and defending agency decisions on contract awards before the Government Accountability Office and Court of Federal Claims, claims litigation before the Armed Services Board of Contract Appeals and the Civilian Board of Contract Appeals, investigating and preparing contractor claims, and conducting internal investigations. 

Ms. Bourne advises clients on a...

202-469-4917
Advertisement
Advertisement