A Deeper Dive into NIST
The National Institute of Standards and Technology (NIST) is a non-regulatory agency of the US Department of Commerce. NIST was created to promote innovation and industrial competitiveness by advancing measurement science, standards, and technology. It provides standards and guidelines for cybersecurity, information technology, and physical sciences.
NIST is most well-known for its Cybersecurity Framework. Here is a quick look at some of the top NIST IT Security frameworks:
- NIST SP 800-53: The NIST SP 800 series was first published in 1990 and it addresses every aspect of information security, with an increasing focus on cloud security. NIST SP 800-53 is the information security benchmark for U.S. government agencies and the private sector. SP 800-53 has helped spur the development of information security frameworks, including NIST Cybersecurity Framework.
- NIST SP 800-171: Requirements set by the US Department of Defense regarding compliance with security is the reason this NIST SP framework has gained popularity. Any government manufacturer or subcontractor must have an IT security framework to bid on deferral and state business opportunities. Controls included in the NIST SP 800-171 framework are related to NIST SP 800-53 but are less detailed and more generalized.
- NIST CSF: NIST Framework for Improving Critical Infrastructure Cybersecurity (NIST CSF) was developed under Executive Order 13636, released in February 2013. It was developed to address U.S. critical infrastructure, including energy production, water supplies, food supplies, communications, healthcare delivery and transportation. Unlike other NIST frameworks, NIST CSF focuses on cybersecurity risk analysis and risk management. Security controls in the framework are based on the five phases of risk management: identify, protect, detect, respond, and recover.
- NIST SP 1800 series: This framework offers information on how to implement and apply standards-based cybersecurity technologies in real-world applications. It complements the NIST SP 800.
Organizations leverage NIST standards and guidelines to strengthen their cybersecurity posture and align with industry best practices.
2W Tech’s experience as a long-time technology solutions provider, we can assist you in meeting various security compliance standards, including NIST, ITAR, CMMC 2, PCI, HITRUST, and the other alphabet soup of regulatory requirements. Give us a call today to learn more.
Read More: