The National Institute of Standards and Technology, in the first draft of Special Publication 800-171 Rev. 3, is proposing new security measures for organizations handling sensitive federal data that more closely align NIST's massive catalog of security and privacy controls and allow for more flexibility in assessing risk. NIST 800-171 is focused on protecting controlled unclassified information. The first draft of revision three was published today and takes into account feedback from a pre-call for comments on the entire 800-171...