Companies looking to protect valuable trade secrets and confidential information routinely employ multiple precautions ranging from employee training to technological safeguards.

Another potential tool in the arsenal, and worth careful consideration for companies operating in the government contract space, is the National Institute of Standards and Technology’s (NIST) recently released final public draft of enhanced security requirements. NIST Special Publication (SP) 800-172, formerly known as Draft NIST SP 800-171B, provides 34 enhanced requirements to protect Controlled Unclassified Information (CUI) associated with critical programs or high value assets from the risks posed by advanced persistent threats (APTs).Unlike prior drafts, 800-172 incorporates the protection strategy and desired effects on the adversary directly into the implementation guidance for each control. These changes have the potential to practically impact how companies implement trade secret precautions by elevating the baseline cybersecurity standards for particularly sensitive forms of information.