Stronghold Cyber Security CEO Jason McNew was recently quoted by Federal Computer Week (FCW) for an article titled “Contractors have questions about DOD’s cyber requirements”, which discusses the Pentagon’s latest move in improving cybersecurity for the industrial base, and includes commentary on the draft version of NIST 800-171B. Author Derek B. Johnson sourced Stronghold Cyber Security’s white paper for defense contractors regarding the comparisons of the current NIST 800-171 framework to the newly released draft version of NIST 800-171B.
Stronghold Cybersecurity worried that a requirement to restrict access to systems and components to information resources owned, provisioned or issued by the organization would wreak havoc on an increasingly mobile IT workforce.
“Any [Bring Your Own Device] goes out the window with this one for sure,” wrote Jason McNew, the firm’s Certified Information Systems Security Professional.
The newly released white paper explores the 33 enhancements that the NIST 800-171B draft adds to the original framework. It also goes through each of the 14 security families in NIST 800-171, and explains how the 33 enhancements impact those families, and is concluded with a brief discussion of estimated costs.
“The white paper was not written to be extremely technical and is intended for both security professionals who work with NIST 800-171, as well as managers and executives overseeing compliance efforts.”, says McNew.