NIST Updating Security Controls

February 6, 2013

Eric Chabrow

The National Institute of Standards and Technology is a step closer to publishing its fourth version of one of its premier information security guides - Special Publication 800-53: Security and Privacy Controls for Federal Information Systems and Organizations.

NIST, on Feb. 5, issued the final public draft of the guidance, seeking comments from the public as it finalizes the final version of SP 800-53 Rev. 4, which is expected to be published in April.

"This is by far the most extensive update to our control catalog since it was first published in 2005," says Ron Ross, the NIST computer scientist who heads the initiative that's revising the guidance. "We received and responded to several thousand comments from across the federal government, industry and academia during the initial public comment period and have greatly increased the cybersecurity toolset for our customers as a result."