Use of NIST 800-53 is recommended for state, local, and tribal governments and for critical infrastructure maintained by the private sector.Ĭontents NIST 800-53 controls and SSH Ramifications of non-compliance Recommendations Additional information NIST 800-53 controls and SSH
It generally represents industry best practice in cybersecurity. It is also widely followed in the private sector. The basic purpose of NIST SP 800-53 is to establish cybersecurity standards and guidelines for US Federal government agencies and federal information systems. It is now at revision 4, also called NIST SP 800-53r4. NIST SP 800-53 has undergone several revisions as the state of the art and understanding of cyber attacks and defences has improved.
This in turn refers to NIST Special Publication 800-53 as the mandatory minimum controls that federal agencies must implement. The Federal Information Security Management Act of 2014 ( FISMA) authorizes NIST, the National Institute of Standards and Technology, to specify the technical requirements.įIPS (Federal Information Processing Standard) 200, Minimum Security Requirements for Federal Information and Information Systems, sets out these requirements. US law specifies a minimum information security requirements for information systems used by the federal government.
0 kommentar(er)
