NIST issues performance metrics draft

"Recommended Security Controls for Federal Information Systems"

The National Institute of Standards and Technology’s Computer Security Division has released the initial draft for Special Publication 800-80, which involves developing metrics for information security programs.

Called the “Guide for Developing Performance Metrics for Information Security,” it links information security performance with overall agency performance. The metrics would allow agencies to measure vulnerabilities and strengths in their information security.

The 43-page draft covers 17 security controls that SP 800-53 recommended for agencies to use to protect their information systems. To facilitate implantation of performance metrics, SP 800-80 also includes templates, one for each of the security control families in SP 800-53.

Public comments on the draft can be submitted via e-mail to [email protected] until June 19.

Featured

  • Government Innovation Awards
    Government Innovation Awards - https://governmentinnovationawards.com

    Congratulations to the 2020 Rising Stars

    These early-career leaders already are having an outsized impact on government IT.

  • Cybersecurity
    cybersecurity (Rawpixel/Shutterstock.com)

    CMMC clears key regulatory hurdle

    The White House approved an interim rule to mandate defense contractors prove they adhere to existing cybersecurity standards from the National Institute of Standards and Technology.

Stay Connected