NIST revises security and privacy control assessment methods

By |

The NIST (National Institute of Standards and Technology) has announced the release of a new Special Publication revision to verify the veracity of the implementation of security and privacy controls. Special Publication (SP) 800-53A Revision 5 includes updates that correspond to the security and privacy controls mentioned in SP 800-53. Primarily this revision provides a methodology and a set of assessment procedures to ensure (with verification) that the controls implemented meet all objectives and are attuned to achieve stated privacy and security outcomes of an organization.

The NIST SP 800-53A assessment procedures offer a framework and an initiation point for assessing controls that can be customized to meet the needs of organizations and assessors. It enables the assessment of security and privacy controls within an effective and well-defined risk management framework.

NIST SP 800-53A also:

  • Introduces a new model for varied assessment procedures to better support the use of automated tools
  • Strives to improve the efficiency of control assessments
  • Supports continuous monitoring of existing authorization programs
  • Is oriented towards helping organizations understand their specific needs around controls and implement them accordingly
  • Addresses newly updated privacy and supply chain risk management controls

To enable organizations to use, the assessment procedures with ease, they have been published by NIST in multiple data formats. These include comma-separated values (CSV), plain text, and Open Security Controls Assessment Language (OSCAL). All of these are accessible on NIST’s publication details page and in the OSCAL Content Git Repository.

Learn about easy to deploy compliance kits to help your regulatory compliance initiatives.   

Sectrio is offering its threat intelligence feeds for trial for free for 15 days. Our feeds work with the best SIEM solutions out there and meet all the parameters listed above. To access our threat intelligence feeds for free, sign up now.

Talk to our cybersecurity experts to learn how Sectrio’s IoT security solution and threat intelligence can help your business

See how our OT-IoT-IT security solution can handle such threats to your enterprise. Book a no-obligation demo. 

Improve your cybersecurity through ot and iot focused threat intelligence feeds free for 15 days
NIST revises security and privacy control assessment methods - Sectrio

Get access to enriched IoT-focused cyber threat intelligence for free for 15 days  

Ot and iot security standards and best practices for ciso's
NIST revises security and privacy control assessment methods - Sectrio

Download our CISO IoT and OT security handbook  

Gain insights from the largest ot and iot focused honeypot network - sectrio
NIST revises security and privacy control assessment methods - Sectrio

Access our latest Global Threat Landscape report  

Prayukth K V has been actively involved in productizing and promoting cross eco-system collaboration in the emerging tech and cybersecurity domains for over a decade. A marketer by profession and a published author, he has also proposed and promoted critical infrastructure protection strategies that rely on in-depth threat research and deflection strategies to deceive hackers and malware. Having been at the frontlines of cyber securing infrastructure, Prayukth has seen cyberattacks and defense tactics at close quarters.

Subscribe to Newsletter

Related Posts

Protect your IoT, OT and converged assets with Sectrio