The latest regulation from the National Institute of Standards and Technology brings in a new era of cybersecurity practices. NIST SP 800-53 Rev. 5 will bridge the gap between cybersecurity teams and organizational objectives.  

First introduced in 2005, SP 800-53 has gone through five revisions since then. The fourth revision, released in 2013, featured updated security controls and focused on insider threats, software security, mobile devices, supply chain security and privacy.  

For NIST SP 800-53 Rev. 5, significant changes include:  

  • Security and privacy controls have become more outcome-based
  • Clarifications of language between requirements, as well as of the relationship between security and privacy controls
  • Separation of control selection processes from the actual controls, making them more accessible to other teams across an organization
  • New state-of-the-art practice controls based on threat intelligence and industry data to support cyber resilience, secure system design and governance models
  • Promotion of integrated risk management and cybersecurity best practices, allowing Rev. 5 to be scalable and applicable to multiple avenues like large-scale IT, cloud-based infrastructure, mobile devices and IoT devices

The list of security and privacy requirements was taken from different directives, executive orders, applicable laws, standards, policies and regulations, as well as mission needs. NIST focused on integrating these changes into its overall Risk Management Framework. Revision 5 also appeals to organizations to understand risks that could adversely affect assets, individuals, other organizations, and the United States as a whole.

When it comes to meeting strict industry guidelines, 2W Tech’s security experts can guide you every step of the way. Our cybersecurity compliance program helps you develop standards and best practices to ensure you understand each regulation and compliance requirement. Contact 2W today for help maintaining compliance with regulations and standards throughout your industry.
