The third revision of NIST Special Publication 800-171 brings substantial changes across several key areas: the structure of control families has been expanded to better address new threats, individual security controls have been updated to enhance overall system security, and the criteria for tailoring these controls to specific organizational needs have been clarified, all in an effort to adapt to the dynamic landscape of information security. Read more about these changes and what federal contractors need to know in Alex Major’s Feature Comment for The Government Contractor.