NIST issues performance metrics draft

"Recommended Security Controls for Federal Information Systems"

The National Institute of Standards and Technology’s Computer Security Division has released the initial draft for Special Publication 800-80, which involves developing metrics for information security programs.

Called the “Guide for Developing Performance Metrics for Information Security,” it links information security performance with overall agency performance. The metrics would allow agencies to measure vulnerabilities and strengths in their information security.

The 43-page draft covers 17 security controls that SP 800-53 recommended for agencies to use to protect their information systems. To facilitate implantation of performance metrics, SP 800-80 also includes templates, one for each of the security control families in SP 800-53.

Public comments on the draft can be submitted via e-mail to 800-80comments@nist.gov until June 19.

Featured

  • Federal 100 Awards
    Federal 100 logo

    Fed 100 nominations are now open

    Help us identify this year's outstanding individuals in federal IT.

  • Defense
    The U.S. Army Corps of Engineers and the National Geospatial-Intelligence Agency (NGA) reveal concept renderings for the Next NGA West (N2W) campus from the design-build team McCarthy HITT winning proposal. The entirety of the campus is anticipated to be operational in 2025.

    How NGA is tackling interoperability challenges

    Mark Munsell, the National Geospatial-Intelligence Agency’s CTO, talks about talent shortages and how the agency is working to get more unclassified data.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.