Information Security News mailing list archives

NIST Security Guidance Revision: Prepare Now


From: InfoSec News <alerts () infosecnews org>
Date: Tue, 17 Jun 2014 08:23:24 +0000 (UTC)

http://www.informationweek.com/government/cybersecurity/nist-security-guidance-revision-prepare-now/a/d-id/1269663

By Vincent Berk
Commentary
InformationWeek.com
6/16/2014

The National Institute of Science and Technology's Special Publication 800-53 aims to raise the bar and set a standard of security for federal government information processing systems. As NIST works on Revision 5 of the document, which is expected to come out in April 2015, it will need to reverse the sweeping generalizations made in Revision 4 regarding the nature of the threat against data. Network defense is not a spectator sport -- it must be engaged in continuously and consciously.

As a natural evolution of the NIST document, continuous monitoring and anomaly detection will likely play a more significant role in Revision 5. However, agencies should not wait until next April to shift focus towards understanding the specific threats to data through continuous monitoring. There is a great deal agencies can do to get a head start on the guidance and to prepare their systems and networks for the new version in advance.


Build an active defense

The rubber meets the road in active defense at strategic data acquisition -- collecting the information needed to understand the changing nature of the adversary. For a multi-faceted data acquisition approach, we must start by analyzing the key threat categories that we face.

The term "advanced persistent threat" has been overused in recent years, but it describes the most important type of attacker any government agency should prepare for. Government organizations are by definition the only high-valued target in their class -- after all, there is only one IRS or one Defense Department -- so there is no other "low-hanging fruit" for attackers to go after. This means targeted attackers will be stealthy and crafty in any offensive approach.

[...]


