NIST 800-53

 

NIST 800-53 is a catalog of control guidelines developed to heighten the security of information systems within the federal government. These controls are used by information systems to maintain the integrity, confidentiality, and security of federal information systems that store, process, or transmit federal information.

The NIST guidelines take a multi-faceted approach to risk management through control compliance. SP 800-53 focuses on the controls, which can be used alongside SP 800-37 (Risk Management Framework for Information Systems and Organizations) for a comprehensive approach to information security and risk mitigation.

The controls are broken into three classes based on impact – low, moderate, and high – and are divided into 18 different security control families.

 

NIST 800-53 Security Control Families

 

AC Access Control
AT Awareness and Training
AU Audit and Accountability
CA Security Assessment and Authorization
CM Configuration Management
CP Contingency Planning
IA Identification and Authentication
IR Incident Response
MA Maintenance
MP Media Protection
PS Personnel Security
PE Physical & Environmental Protection
PL Planning
PM Program Management
RA Risk Assessment
SA System & Services Acquisition
SC System & Communications Protection
SI System & Information Integrity

 
NIST 800-53: Objective
 

The ultimate objective of 800-53 is to make the information systems we depend on more resistant to penetration, limit the damage from cyber-attacks when they happen, and keep the systems resilient as security threats continue to evolve.

 
How does this impact my Agency?
 

Each federal agency is responsible for implementing the minimum security requirements outlined by NIST. Agencies' compliance levels are scored periodically, and poor performance numbers can result in penalties and reflect poorly on the agency’s management team and staff.

 
Where to start and why?
 

The security requirements outlined in 800-53 are very mature and describe over 800 controls across the 18 security categories, which help define “what” needs to be accomplished. However, they lack any prescriptive detail on “how” to achieve compliance and on how those requirements should be prioritized.

Let NNT show you how a single solution addresses a large portion of the security and compliance requirements across the various categories.

 
NNT & NIST 800-53
 

NNT solutions place emphasis on Configuration Management Policy and Procedures and Information Integrity where:

  • Unauthorized changes to software, firmware, and information can occur due to errors or malicious activity (e.g., tampering). Software includes, for example, operating systems (with key internal components such as kernels, drivers), middleware, and applications.
  • State-of-the-art integrity-checking mechanisms (e.g., parity checks, cyclical redundancy checks, cryptographic hashes) and associated tools can automatically monitor the integrity of information systems and hosted applications.
  • The organization employs automated mechanisms to maintain an up-to-date, complete, accurate and readily available baseline configuration of the information system.

NNT Change Tracker uses a continuous monitoring approach to provide integrity verification in real-time, providing audit trail evidence and alerts in line with 800-53.

 

Speak to a consultant to help you in your NIST 800-53 compliance program today!

How NNT Addresses NIST 800-53

Learn about each requirement and how NNT can help you achieve NIST 800-53 compliance

 
 

Requirements Chart:
NNT Solutions Mapped to
NIST SP 800-53

Copyright 2018, New Net Technologies LLC. All rights reserved. 
NNT and Change Tracker are registered trademarks of New Net Technologies LLC.
All other product, company names and trademarks are the property of their respective owners.