NIST Revamps Core Computer Security Guide


On April 30, the National Institute of Standards and Technology (NIST) published a substantially revised version of its Special Publication 800-53, “Security and Privacy Controls for Federal Information Systems and Organizations,” the government’s core computer security guide. Although developed for use by federal agencies, the NIST Special Publication is widely used in the private sector.  The revisions are the most extensive since the document first was published in 2005 and is meant to address evolving and emerging cyber security threats. For example, the new guide incorporates issues specific to (i) mobile and cloud computing, (ii) insider threats, (iii) applications security, (iv) supply chain risks, (v) advanced persistent threats, and (vi) trustworthiness, assurance, and resilience of information systems. It is sector-specific to allow organizations greater flexibility in building information security systems, and also provides for the first time a privacy controls catalog.

Topics:  Cybersecurity, NIST, Security and Privacy Controls

Published In: Privacy Updates, Science, Computers & Technology Updates

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© BuckleySandler LLP | Attorney Advertising

Don't miss a thing! Build a custom news brief:

Read fresh new writing on compliance, cybersecurity, Dodd-Frank, whistleblowers, social media, hiring & firing, patent reform, the NLRB, Obamacare, the SEC…

…or whatever matters the most to you. Follow authors, firms, and topics on JD Supra.

Create your news brief now - it's free and easy »