NIST Publishes Draft Fifth Revision of SP 800-53, Security and Privacy Controls for Information Systems and Organizations and Requests Public Comment

August 16, 2017. On August 15, 2017, the National Institute of Standards and Technology (NIST) announced publication of the Draft Fifth Revision of NIST Special Publication (SP) 800-53 in a news release entitled: “NIST Crafts Next-Generation Safeguards for Information Systems and the Internet of Things.” NIST encourages public comment on Draft NIST SP 800-53-5 during the comment period of August 15-September 12, 2017, with comments sent via email by September 12, 2017, to: sec-cert@NIST.gov, with the subject line: “’Comments on Draft SP 800-53 Rev.5.’”

NIST Publishes New Digital Identity Guidelines in Four Online Documents

June 27, 2017. The National Institute of Standards and Technology (NIST) released this month new Digital Identity Guidelines in a suite of four final documents in the Special Publication (SP) 800 series as SP 800-63-3. According to NIST, this suite of four documents covers “digital identity from initial risk assessment to deployment of federated identify solutions.” This suite is an outcome of a collaboration of stakeholders from government, industry, and academe, with the guidelines in the suite of documents describing “the risk management processes for selecting appropriate digital identity services and the details for implementing identity assurance, authenticator assurance, and federation assurance levels based on risk”.

NIST Update on SP 800-53, Revision 5 on Security and Privacy Controls

May 3, 2017. The Computer Security Resource Center (CSRC) of the National Institute of Standards and Technology (NIST) has provided an update on NIST Special Publication (SP) 800-53, Revision 5, entitled: Security and Privacy Controls for Systems and Organizations, indicating that the projected date of release of March 28, 2017, was delayed because the “publication is still undergoing internal review.” CSRC plans further updates “on the progress of the internal review and the anticipated release date. It also provided the following information in its update, with [emphasis added]:

NIST Misses Projected March 28, 2017, Publication Deadline for NIST SP 800-53-5, But Status Document Informative About Changes

March 30, 2017. In its undated update of the National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53-Revision 5, with the expected title: “Security and Privacy Controls for Federal Information Systems and Organizations,” NIST indicated that it was projected to be published on March 28, 2017, which date also coincided with the Information Security and Privacy Advisory Board (ISPAB) meeting in Washington, DC, at which a presentation was scheduled on Draft SP 800-53-Revision 5.

NIST Updates Validated AES Algorithms and FIPS-140-2 Cryptographic Modules Lists; Announces March 2017 Revision 5 of NIST SP-800-53

November 8, 2016. On November 4, 2016, the National Institute of Standards and Technology (NIST) released an updated version of Advanced Encryption Standard Algorithm Validation List that describes “implementations which have been validated [through testing] as correctly implementing the [Advanced Encryption Standard (AES)] algorithm.” The implementations “consist of [descriptions of] software, firmware, hardware, and any combination thereof” by vendors that are responsible “to notify NIST of any necessary changes to its entry” in the updated document.

HIPAA Safeguard Embraces NIST ‘Cybersecurity Framework’ Functions

June 1, 2015.  On February 12, 2013, President Obama issued Executive Order # 13636:  Improving Critical Infrastructure Cybersecurity, a provision of which directed the National Institute of Standards and Technology (NIST) to develop “a framework to reduce cyber risks to critical infrastructure (the ‘Cybersecurity Framework’).”   On February 12, 2014, NIST published Version 1.0:  Framework for Improving Critical Infrastructure Cybersecurity.   Two definitions relating to terms in the title are required before examining the elements of the framework:

 

Categories



Archives

  • October 2017 (1)
  • August 2017 (3)
  • July 2017 (1)
  • June 2017 (7)
  • May 2017 (12)
  • April 2017 (10)
  • March 2017 (2)
  • February 2017 (3)
  • January 2017 (4)
  • December 2016 (4)
  • November 2016 (7)
  • October 2016 (7)
  • September 2016 (2)
  • August 2016 (1)
  • July 2016 (3)
  • June 2016 (1)
  • May 2016 (1)
  • April 2016 (8)
  • March 2016 (6)
  • February 2016 (2)
  • December 2015 (1)
  • November 2015 (1)
  • October 2015 (4)
  • September 2015 (1)
  • June 2015 (8)
  • May 2015 (3)
  • April 2015 (2)
  • March 2015 (1)
  • November 2014 (1)
  • September 2014 (15)
  • August 2014 (6)
  • July 2014 (1)
  • June 2014 (13)
  • May 2014 (11)
  • April 2014 (13)
  • March 2014 (6)
  • February 2014 (12)
  • January 2014 (3)
  • December 2013 (1)