The National Institute of Standards and Technology (NIST) has issued for public comment its first major update of Special Publication 800-53, the catalog of security controls and technical guidelines that information technology professionals use to select appropriate safeguards and countermeasures for protecting federal information and information systems.
SP 800-53, Revision 3, Recommended Security Controls for Federal Information Systems and Organizations, is one of the principal security publications in the suite of security standards and guidelines published by NIST in response to the Federal Information Security Management Act (FISMA) of 2002.
Ron Ross, FISMA Implementation Project leader, says, “We have received excellent feedback from our customers during the past three years and have taken this opportunity to provide significant improvements to the security control catalog. We also continue to work closely with the Department of Defense and the Office of the Director of National Intelligence under the auspices of the Committee on National Security Systems on the harmonization of security control specifications across the federal government.”
SP 800-53 Revision 3 incorporates lessons learned since the original publication to update many of the current security controls, adds new security controls and control enhancements to cover advanced cyber threats, and provides a new family of controls to address organization-wide security programs. The revision introduces the concept of an information security program plan, a vehicle to capture organization-wide security program management requirements—such as capital planning and budgeting, enterprise architectures, and risk management. The revision also eliminates redundant or obsolete controls. In addition, the growing sophistication of cyber attacks necessitated specific changes to the allocation of security controls and control enhancements to the minimum baseline controls recommended by NIST.
In addition to the above modifications, Revision 3 incorporates an overview of a revised, simplified six-step risk management framework, provides additional guidance on managing common controls within organizations and adds security controls for supply chain threats. It also introduces a strategy for harmonizing the FISMA security standards and guidelines with international security standards including an updated mapping table for security controls for organizations wanting to comply with both FISMA and the International Standards Organization 27001 security standard.
Comments on SP 800-53 Revision 3 are requested. The public comment period runs through March 27, 2009 and email should be sent to firstname.lastname@example.org. The publication may be found at http://csrc.nist.gov/publications/drafts/800-53/800-53-rev3-IPD.pdf.
Evelyn Brown | Newswise Science News
18.08.2017 | Albert-Ludwigs-Universität Freiburg im Breisgau
AI implications: Engineer's model lays groundwork for machine-learning device
18.08.2017 | Washington University in St. Louis
Whether you call it effervescent, fizzy, or sparkling, carbonated water is making a comeback as a beverage. Aside from quenching thirst, researchers at the University of Illinois at Urbana-Champaign have discovered a new use for these "bubbly" concoctions that will have major impact on the manufacturer of the world's thinnest, flattest, and one most useful materials -- graphene.
As graphene's popularity grows as an advanced "wonder" material, the speed and quality at which it can be manufactured will be paramount. With that in mind,...
Physicists at the University of Bonn have managed to create optical hollows and more complex patterns into which the light of a Bose-Einstein condensate flows. The creation of such highly low-loss structures for light is a prerequisite for complex light circuits, such as for quantum information processing for a new generation of computers. The researchers are now presenting their results in the journal Nature Photonics.
Light particles (photons) occur as tiny, indivisible portions. Many thousands of these light portions can be merged to form a single super-photon if they are...
For the first time, scientists have shown that circular RNA is linked to brain function. When a RNA molecule called Cdr1as was deleted from the genome of mice, the animals had problems filtering out unnecessary information – like patients suffering from neuropsychiatric disorders.
While hundreds of circular RNAs (circRNAs) are abundant in mammalian brains, one big question has remained unanswered: What are they actually good for? In the...
An experimental small satellite has successfully collected and delivered data on a key measurement for predicting changes in Earth's climate.
The Radiometer Assessment using Vertically Aligned Nanotubes (RAVAN) CubeSat was launched into low-Earth orbit on Nov. 11, 2016, in order to test new...
A study led by scientists of the Max Planck Institute for the Structure and Dynamics of Matter (MPSD) at the Center for Free-Electron Laser Science in Hamburg presents evidence of the coexistence of superconductivity and “charge-density-waves” in compounds of the poorly-studied family of bismuthates. This observation opens up new perspectives for a deeper understanding of the phenomenon of high-temperature superconductivity, a topic which is at the core of condensed matter research since more than 30 years. The paper by Nicoletti et al has been published in the PNAS.
Since the beginning of the 20th century, superconductivity had been observed in some metals at temperatures only a few degrees above the absolute zero (minus...
16.08.2017 | Event News
04.08.2017 | Event News
26.07.2017 | Event News
18.08.2017 | Life Sciences
18.08.2017 | Physics and Astronomy
18.08.2017 | Materials Sciences