Source |
NoticeBored |
Identifiant |
409102 |
Date de publication |
2017-08-16 10:45:46 (vue: 2017-08-16 10:45:46) |
Titre |
NBlog August 16 - NIST SP800-53 draft v5 |
Texte |
[if gte vml 1]> [if !vml]-->[endif]-->A public draft of NIST SP800-53 revision 5 is worth checking out.Major changes in this draft:"Making the security and privacy controls more outcome-based by changing the structure of the controls;Fully integrating the privacy controls into the security control catalog creating a consolidated and unified set of controls for information systems and organizations, while providing summary and mapping tables for privacy-related controls;Separating the control selection process from the actual controls, thus allowing the controls to be used by different communities of interest including systems engineers, software developers, enterprise architects; and mission/business owners;Promoting integration with different risk management and cybersecurity approaches and lexicons, including the Cybersecurity Framework; |
Envoyé |
Oui |
Condensat |
passionate 12th to 27002:kind 5 is >a public a little about accountability actual address allowing also although andincorporating andsecurity application approaches architects; are attack august awareness based between beyond catalog centric changes changing checking cisspceo comments communities consolidated control controls controls;fully controls;separating core corresponding creating critical cyber cybersecurity data developers different draft draft: empirical endif engineers enterprise evolving framework framework;clarifying from full functions gary governance gte has have hinson improve incident including information infrastructure infrastructures integrating integration intelligence intended interest invited isect iso/iec lexicons liking look ltd major making management mapping may mba metrics mission/business more national nblog necessary new next nist one organizations out outcome own owners;promoting particularly phd practice privacy process providing regards related relationship release revision risk risks; scope security selection september set several software sp800 standards state strengthen structure summary suspect systems tables tag threat thus timeline too unified used vml ways well which worth zealand |
Tags |
|
Stories |
|
Notes |
|
Move |
|