First installment of unified cyber security framework for US releasedJune 18th, 2009 - 2:22 pm ICT by ANI
Washington, June 18 (ANI): The first installment of a three-year effort to build a unified information security framework for the entire federal government of the United States has been released.
It has been released by the National Institute of Standards and Technology (NIST), in partnership with the Department of Defense (DOD), the Intelligence Community (IC), and the Committee on National Security Systems (CNSS).
This installment is titled NIST Special Publication 800-53, Revision 3, Recommended Security Controls for Federal Information Systems and Organizations.
“The common security control catalog is a critical step that effectively marshals our resources,” said Ron Ross, NIST project leader for the joint task force.
“It also focuses our security initiatives to operate effectively in the face of changing threats and vulnerabilities. The unified framework standardizes the information security process that will also produce significant cost savings through standardized risk management policies, procedures, technologies, tools and techniques,” he added.
This publication is a revised version of the security control catalog that was previously published in response to the Federal Information Security Management Act (FISMA) of 2002.
This special publication contains the catalog of security controls and technical guidelines that federal agencies use to protect their information and technology infrastructure.
When complete, the unified framework will result in the defense, intelligence and civil communities using a common strategy to protect critical federal information systems and associated infrastructure.
This ongoing effort is consistent with US President Obama’s call for “integrating all cybersecurity policies for the government” in his May 29 speech on securing the US cybersecurity infrastructure.
The revised security control catalog in SP 800-53 provides the most state-of-the-practice set of safeguards and countermeasures for information systems ever developed.
The updated security controls, many addressing advanced cyber threats, were developed by a joint task force that included NIST, DOD, the IC and the CNSS with specific information from databases of known cyber attacks and threat information.
Additional updates to key NIST publications that will serve the entire federal government are under way.
These will include the newly revised SP 800-37, which will transform the current certification and accreditation process into a near real-time risk management process that focuses on monitoring the security state of federal information systems, and SP 800-39, which is an enterprise-wide risk management guideline that will expand the risk management process. (ANI)
- Obama urges Congress to pass cybersecurity bill - Jul 20, 2012
- 'Link cyber terrorism to India's overall counter-terror capabilities' - May 16, 2012
- Pentagon unveils cybersecurity strategy - Jul 15, 2011
- Senate Approves "Internet Kill Switch" Bill - Jun 28, 2010
- Third global cybersecurity summit in Delhi next year: Sibal - Nov 15, 2011
- Antony warns of emerging threats from China, AfPak - Apr 24, 2012
- Pentagon to tap into cloud computing - Jul 12, 2012
- Remote controlled 'Die Hard 2 airport attack' might soon become real aviation threat: Expert - Apr 04, 2011
- US faces prospect of losing all out cyberwar - Feb 25, 2010
- India creating architecture to ensure cyber security: NSA - May 16, 2012
- US House passes cybersecurity bill - Apr 27, 2012
- Cyber warfare: Indian Army boosts its defences - Jul 18, 2010
- US troops to get translation devices to break language barrier on foreign shores - Jul 31, 2010
- South Africa's new policy to combat cyber crime - Mar 13, 2012
- G-20 Summit Declaration - Jun 20, 2012
Tags: civil communities, common security, defense intelligence, federal information systems, fisma, information security management, intelligence community, joint task force, national institute of standards and technology, national institute of standards and technology nist, national security systems, revision 3, risk management policies, ron ross, security control, security controls, security framework, security initiatives, technology infrastructure, unified framework