NIST has just released a unique update to its popular Special Publication (SP) 800-53, Security and Privacy Controls for Information Systems and Organizations.
The National Insitute of Standards and Technology says it is an update that focuses on the Next Generation of Information Systems and the IoT, with a twist.
Privacy is now fully integrated throughout the new draft, which it claims is a first for any control catalog. “This revision covers the overlap in security and privacy for systems, as well as the ways in which they are distinct,” said NIST senior privacy policy advisor Naomi Lefkovitz. “It also enhances the ability for both professional teams to collaborate yet still maintain their respective authorities.”
And the publication goes beyond both information security and the federal government to address ways all kinds of organizations can maintain security and privacy in their interconnected systems. The controls specified now apply to a more diverse user group.
"We are crafting the next-generation catalog of controls that can also be applied to secure the Internet of Things,” said Ron Ross, NIST fellow and team leader of the joint task force that wrote the updated publication.
We know our SecureWorld readers will have valuable insights to share after reading the update and the authors would like to hear it. Send a note by September 12, 2017: sec-cert@nist.gov(link sends e-mail) and use the subject line "Comments on Draft SP 800-53 Rev. 5" so your input is seen by the correct task force.