The National Institute of Standards and Technology (NIST) has now made available the Final Release of SP 800-53 Revision 4, Security and Privacy Controls for Federal Information Systems and Organizations – representing the most comprehensive update to the security controls catalog since its inception in 2005.
This update was motivated primarily by the expanding occurrences of cyber security threats – looking at the increased sophistication of those cyber-attacks; the growing frequency of such attacks; the professionalism of the attackers, and the persistence of targeting by attackers.
State-of-the-practice security controls and control enhancements have been developed and integrated into the catalog addressing such areas as:
- mobile and cloud computing;
- applications security;
- trustworthiness, assurance, and resiliency of information systems;
- insider threat;
- supply chain security;
- and the advanced persistent threat.
In addition, Special Publication 800-53 has been expanded to include eight new families of privacy controls based on the internationally accepted Fair Information Practice Principles.
To view and download this current revision to this document developed by NIST, the Department of Defense, the Intelligence Community, and the Committee on National Security Systems as part of the Joint Task Force, an inter-agency partnership formed in 2009 — CLICK HERE.
Please pass this important cybersecurity related information along to those information and network security team members in your organization.