A Publication by the National Institute for Standards and Technology (NIST)
Financial data is continuously at risk of theft from external cyber threats. These threats have the potential to cost financial institutions such as banks and credit unions millions of dollars in damages, and their persistence remains a problem for the computer security community. Security managers and executives need guidance on how to manage the information systems under their purview and how to address these threats as they develop. Enter the NIST 800 series.
The NIST 800 series is a set of technical publications, developed by the National Institute of Standards and Technology, that details U.S. government procedures, policies, and guidelines for information systems. NIST is a non-regulatory agency; it supports other agencies by supplying information to aid in the governance of their information systems.
Application of the NIST 800 Series
While an organization may not hold any data relevant to that particular aspect, specific criteria must still be met when it comes to computer network security. The NIST 800 publications provide a baseline for how government and private organizations should administer their network security posture, including their security policies.
Individual publications in the series tie into different aspects of the cyber defense domain. Even though private organizations aren't necessarily aware that this particular series exists, they already implement many of the standards contained in it as part of their business practices. Topics covered in the NIST 800 references include, but are not limited to:
- Protecting controlled unclassified information
- Developing a cybersecurity workforce
- Email cryptography and protection
These references continue to evolve today, as information technology itself changes frequently.
NIST 800-53
NIST 800-53 is a unique publication that contains a catalog of privacy and security controls for information systems, excluding networks that handle national security. The publication has undergone several revisions over the past three decades through NIST's partnership with the Department of Defense and with civil and intelligence agencies. The latest iteration of this publication is Revision 5, which includes the following changes:
- Privacy controls are fully integrated with security controls, creating a unified catalog of controls for organizations and networked systems
- The term 'information system' is replaced with 'system', meaning that the controls can be applied to any system that deals with data, such as industrial control systems, IoT devices, cyber-physical systems, and so forth
- New controls are added based on empirical attack data and threat intelligence assessments
- The federal focus is de-emphasized to encourage adoption by organizations outside the federal government
Revision 5 was on hold due to disagreements between U.S. federal agencies. It is currently available for public dissemination as of September 2020.
Revision 4, released in 2012, emphasizes specific subject areas, including but not limited to:
- Insider threats
- Privacy
- Cross-domain solutions
- Advanced persistent threats
- Software and web application security
- Social network, cloud computing, and mobile devices
There are many control families listed under this specific revision, including:
- AC – Access Control
- CM – Configuration Management
- IA – Identification and Authentication
- MP – Media Protection
- PS – Personnel Security
- RA – Risk Assessment
- PE – Physical and Environmental Protection
- SI – System and Information Integrity
- SA – System and Services Acquisition
- AT – Awareness and Training
New Developments for NIST SP 800
One of the latest releases within the NIST 800 series is NIST SP 800-207, which serves as a reference for the Zero Trust principle in network security. The Zero Trust concept focuses on vetting and controlling access by remote assets to the headquarters network, under the assumption that those assets are not to be trusted merely because of their physical or network location. Authentication and authorization are vetted at both the user and the device level before access to the system is granted.
NIST Compliance
Typically, private organizations may choose to comply with the publications in the NIST 800 series voluntarily. However, contractors bound to federal agencies by contract must comply with the standards laid out in the references linked to the NIST 800 series, specifically NIST 800-171.
2021 and Beyond
Today's challenges are to maintain the privacy and security of corporate data against external threats attempting to breach network defenses, while keeping the enterprise operating. You can access all the relevant publications in the NIST 800 series from the Computer Security Resource Center.