Warning: Use of undefined constant add_shortcode - assumed 'add_shortcode' (this will throw an Error in a future version of PHP) in /nfs/c03/h02/mnt/49321/domains/hackingtheuniverse.com/html/wp-content/plugins/stray-quotes/stray_quotes.php on line 615

Warning: Use of undefined constant MSW_WPFM_FILE - assumed 'MSW_WPFM_FILE' (this will throw an Error in a future version of PHP) in /nfs/c03/h02/mnt/49321/domains/hackingtheuniverse.com/html/wp-content/plugins/wordpress-file-monitor/wordpress-file-monitor.php on line 39
Tag: NIST Computer Security

Archive for NIST Computer Security

You are browsing the archives of NIST Computer Security.

NIST Adds New SP-1800 series

NIST (National Institute of Standards and Technology) has announced a new Special Publications (SP) series of documents called SP-1800, intended to augment the SP-800 series. SPECIAL PUBLICATIONS – [nist.gov] SP 1800, NIST Cybersecurity Practice Guides (2015-present): A new subseries created to complement the SP 800s; targets specific cybersecurity challenges in the public and private sectors; […]

APT versus OODA Security Controls

Advanced Persistent Threat (APT) is a kind of attack comes from a team with advanced skills, deep resources, and specific targets. They use advanced tools and techniques that are capable of circumventing defenses. They use stealth and demonstrate good situational awareness in evaluating the state of the defenders they face. They respond quickly and with […]

Tailoring Security Controls

The NIST Risk Management Framework (RMF) is a six step process as follows: Categorize both the information and the system based on impact. Select a baseline set of security controls. Implement the controls. Assess the effectiveness of the security controls. Authorize the system to operate. Monitor the ongoing state of protection the security controls are […]

New Insider Threat Controls in 800-53 rev4

The NIST revision to 800-53 controls that is known as rev4 added new controls related to insider threats. PM-12 (0) INSIDER THREAT PROGRAM – this is the master control requiring an insider threat program, including a team that is focused on insider threat incident handling. The team needs to have cross-discipline representation that allows them […]

Assurance is the Reason to Trust

We want to trust that the measures we take to protect our information systems are working. But we need concrete reasons to hold that trust. We need proof that our defensive controls are doing the job and are actually protecting the system. Those reasons and that proof are known as “Assurance”. Trust tends to be […]

800-53 rev4 Changes

NIST periodically revises their catalog of security controls, “NIST SP 800-53 Recommended Security Controls for Federal Information Systems”. Rev 4 is the most recent version. Here are some of the changes: BASELINES A few existing controls have been re-assigned to new IMPACT level baselines Many new controls have been added – some are not assigned […]

Continuous Monitoring Misunderstood

Network security monitoring includes intrusion detection, audit log correlation and analysis and other methods of detecting failures of our network protections. Continuous monitoring is not the same thing. Continuous monitoring is the process of checking our security controls to make sure they are working. Here is an article that explains some of the background: Continuous […]

New Insider Threat Controls in 800-53 rev4 DRAFT

NIST is working on a DRAFT revision to 800-53 controls that is known as rev4. The new controls include materials related to insider threats. PM-12 (0) INSIDER THREAT PROGRAM – this is the master control requiring an insider threat program, including a team that is focused on insider threat incident handling. The team needs to […]

Security Metrics

It is a mantra of quality improvement methodology that you can’t manage what you don’t measure. Security metrics are the measurements that allow management of information security. As function and requirements change from network and organization to others, so will the requirements and design of security metrics change. But there are some standard and central […]

Security Controls for Dummies

Security controls are functions, counter-measures, processes, safeguards and other efforts to minimize any potential impact from security risks. Security controls come in many different forms and categories: Policy and procedures – define ways to do things, establish methodologies for processes Proactive/Preventive controls – attempt to prevent security events from occurring Monitoring/Detection controls – establish ways […]