60.8 F
San Francisco
Monday, October 26, 2020

New Updates in the NIST Special Publication (Revision 2) September 2017

The NIST Special Publication (Revision 2) is this year’s second update, published as a response to the Executive Order signed by Trump meant to strengthen the Cybersecurity of federal network and critical infrastructure. This update aims to develop a sturdy, easy to use Risk Management Framework (RMF) for organizations and systems.

Importance of Digital Security

We are growing more depended on technology for everything, as the world progresses to a fully digital age. Soon, everything from dishwashers, cameras, smart homes, and other devices will be internet enabled and will communicate with each other. Other than common household appliances, the military systems, emergency services, the electric grid depend on the web and technology.

With each passing day, there are security breaches of organization systems, personal devices, and even government agencies. There is also rising fear of meddling of government systems by foreign countries such as the Chinese and Ru25ssian hacks. The first RMF framework by NIST created back in 2014 during the Obama administration was voluntary for adoption by non-federal bodies. This year NIST seems to be shifting from a non-regulatory body to ensure the conformity of agencies through auditing.

The NIST Special Publication (Revision 2)

In January 2017, the original Cybersecurity Framework published in 2014, received an update to encourage more adoption. The update was to add recommendations from security experts and make it easy to understand by simplifying vocabulary. Terms such as authentication and authorizations were clarified, and new concepts such as identify proofing added.

The new update is a discussion draft, which will receive an update in November 2017, final draft in 2018 and last publication in March 2017. The primary objectives are to ensure communications between the risk management processes and activities at the C-suite level in the organization. Also, the draft seeks to promote a more cost-effective implementation of the RMF for systems and organizations.

The RMF 2.0 also aims to show how the Cybersecurity Framework can be executed using existing NIST risk management processes. Finally, it seeks to integrate privacy concepts into the RMF and support use of the privacy control catalog defined in the previous NIST Special Publication in January.

Risk Management Framework Steps

Preparation: Includes the assignment of roles and responsibilities of participants in the risk management process. Identification of assets that need protection occurs and the information lifecycle determined.

Selection: The second step involves the selection of privacy controls to reduce risk and documentation of the controls. A monitoring strategy that matches the organization’s system is developed. Finally, the approval of selected security and privacy controls happens.

Assessment: Functions to monitor if the controls implemented by the organization work correctly to guarantee confidentiality and safety. After the findings, recommendations to weaknesses and deficiencies are proposed and implemented by updating the system.

Authorization: A senior management official ensures that the implemented privacy and security controls for risk management are acceptable.

Monitoring: Involves keeping track of changes and maintaining continuous awareness of the security and privacy posture of the system in supporting the risk management.

NIST Popularity is growing in the non-federal market, and adopting it could mean increased security through controls. The publication details the process and the stakeholders completely to ensure implementation of cyber management from agencies to small businesses.

Previous articleMinnie Mouse Cupcakes
Next articleMike’s Pastry
Edel Alonhttp://edelalon.com
Edel-Ryan Alon is a starving musician, failed artist, connoisseur of fine foods, aspiring entrepreneur, husband, father of two, geek by day, cook by night, and an all around great guy.

Related Articles

Most Romantic Destinations in Europe

Traveling is the only thing you spend money on that makes you richer in the end. Sounds funny, but it’s true. Even if you’re...

Candy Distribution Halloween 2020

Burton, the Social Distancing Candy Snake: Saving Trick-or-Treating in COVID Times We created a candy distribution system for Halloween to help aid in social...

Eight Ways To Remain Engaged When Working Remotely

The world is handling lockdown confusion, pandemic issues, and job loss. Everywhere in the world has handled some kind of reduction in productivity in the...

LEAVE A REPLY

Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Stay Connected

440FollowersFollow
9,970FollowersFollow
17SubscribersSubscribe
- Advertisement -

Latest Articles

Candy Distribution Halloween 2020

Burton, the Social Distancing Candy Snake: Saving Trick-or-Treating in COVID Times We created a candy distribution system for Halloween to help aid in social...

Eight Ways To Remain Engaged When Working Remotely

The world is handling lockdown confusion, pandemic issues, and job loss. Everywhere in the world has handled some kind of reduction in productivity in the...

Canada Post Codes to City Providence

Thanks to Ray who sent me the data. Ray saw the post on US zip codes to city and provided me the data to...

How to Plan a Wedding – “New Normal” Guide

Whether the unpredictable pandemic situation will improve around the globe or not is something we cannot know for sure. However, one thing is certain,...

When to Flip a Pancake

Flip when the bubbles come through the entire pancake.