Government Releases Cybersecurity Draft Guidance

The Government Accountability Office has released draft guidance on cybersecurity policy for agencies and contractors. The review period runs until September 10, 2015.

The draft guidance includes 8 major recommendations:

1. U.S. government coordination.
2. U.S. government participation in cybersecurity standards development.
3. Development of timely and technically sound standards and assessment.
4. Government and commercial collaboration in standards development.
5. Improving international coordination and information sharing.
6. Supporting and expanding standards training for federal agency staff.
7. Developing cybersecurity standards that minimize privacy risk.
8. Using relevant international standards where possible.

