The National Institute of Standards and Technology (NIST) has issued for public comment its first major update of Special Publication 800-53, the catalog of security controls and technical guidelines that information technology professionals use to select appropriate safeguards and countermeasures for protecting federal information and information systems.
SP 800-53, Revision 3, Recommended Security Controls for Federal Information Systems and Organizations, is one of the principal security publications in the suite of security standards and guidelines published by NIST in response to the Federal Information Security Management Act (FISMA) of 2002.
Ron Ross, FISMA Implementation Project leader, says, “We have received excellent feedback from our customers during the past three years and have taken this opportunity to provide significant improvements to the security control catalog. We also continue to work closely with the Department of Defense and the Office of the Director of National Intelligence under the auspices of the Committee on National Security Systems on the harmonization of security control specifications across the federal government.”
SP 800-53 Revision 3 incorporates lessons learned since the original publication to update many of the current security controls, adds new security controls and control enhancements to cover advanced cyber threats, and provides a new family of controls to address organization-wide security programs. The revision introduces the concept of an information security program plan, a vehicle to capture organization-wide security program management requirements—such as capital planning and budgeting, enterprise architectures, and risk management. The revision also eliminates redundant or obsolete controls. In addition, the growing sophistication of cyber attacks necessitated specific changes to the allocation of security controls and control enhancements to the minimum baseline controls recommended by NIST.
In addition to the above modifications, Revision 3 incorporates an overview of a revised, simplified six-step risk management framework, provides additional guidance on managing common controls within organizations and adds security controls for supply chain threats. It also introduces a strategy for harmonizing the FISMA security standards and guidelines with international security standards including an updated mapping table for security controls for organizations wanting to comply with both FISMA and the International Standards Organization 27001 security standard.
Comments on SP 800-53 Revision 3 are requested. The public comment period runs through March 27, 2009 and email should be sent to firstname.lastname@example.org. The publication may be found at http://csrc.nist.gov/publications/drafts/800-53/800-53-rev3-IPD.pdf.
Evelyn Brown | Newswise Science News
UT professor develops algorithm to improve online mapping of disaster areas
29.11.2016 | University of Tennessee at Knoxville
New standard helps optical trackers follow moving objects precisely
23.11.2016 | National Institute of Standards and Technology (NIST)
A multi-institutional research collaboration has created a novel approach for fabricating three-dimensional micro-optics through the shape-defined formation of porous silicon (PSi), with broad impacts in integrated optoelectronics, imaging, and photovoltaics.
Working with colleagues at Stanford and The Dow Chemical Company, researchers at the University of Illinois at Urbana-Champaign fabricated 3-D birefringent...
In experiments with magnetic atoms conducted at extremely low temperatures, scientists have demonstrated a unique phase of matter: The atoms form a new type of quantum liquid or quantum droplet state. These so called quantum droplets may preserve their form in absence of external confinement because of quantum effects. The joint team of experimental physicists from Innsbruck and theoretical physicists from Hannover report on their findings in the journal Physical Review X.
“Our Quantum droplets are in the gas phase but they still drop like a rock,” explains experimental physicist Francesca Ferlaino when talking about the...
The Max Planck Institute for Physics (MPP) is opening up a new research field. A workshop from November 21 - 22, 2016 will mark the start of activities for an innovative axion experiment. Axions are still only purely hypothetical particles. Their detection could solve two fundamental problems in particle physics: What dark matter consists of and why it has not yet been possible to directly observe a CP violation for the strong interaction.
The “MADMAX” project is the MPP’s commitment to axion research. Axions are so far only a theoretical prediction and are difficult to detect: on the one hand,...
Broadband rotational spectroscopy unravels structural reshaping of isolated molecules in the gas phase to accommodate water
In two recent publications in the Journal of Chemical Physics and in the Journal of Physical Chemistry Letters, researchers around Melanie Schnell from the Max...
The efficiency of power electronic systems is not solely dependent on electrical efficiency but also on weight, for example, in mobile systems. When the weight of relevant components and devices in airplanes, for instance, is reduced, fuel savings can be achieved and correspondingly greenhouse gas emissions decreased. New materials and components based on gallium nitride (GaN) can help to reduce weight and increase the efficiency. With these new materials, power electronic switches can be operated at higher switching frequency, resulting in higher power density and lower material costs.
Researchers at the Fraunhofer Institute for Solar Energy Systems ISE together with partners have investigated how these materials can be used to make power...
16.11.2016 | Event News
01.11.2016 | Event News
14.10.2016 | Event News
02.12.2016 | Medical Engineering
02.12.2016 | Agricultural and Forestry Science
02.12.2016 | Physics and Astronomy