These requirements are now in effect for every information system within the federal government.
NIST developed cybersecurity standards for the government industry as part of its mandate to provide standards and metrics for the technology industry, notably NIST SP (Special Publication) 800-53. This is not a new regulation for the federal government agencies, regarding cybersecurity standards, as it was released in February 2005. With the President’s Executive Order 14028 “Improving the Nation’s Cybersecurity”, and the rising sophistication of cyber-attacks, federal agencies are utilizing NIST’s document, titled, “Assessing Security and Privacy Controls in Information Systems and Organizations” (NIST SP 800-53A), as an assessment guideline to measure the consistency and attainment of a federal system’s security controls. Today, all federal systems should be adhering to the NIST 800-53 cybersecurity standards.
SteelToad’s assessors will help federal agencies by evaluating their federal IT systems against the security controls specified in NIST 800-53. The assessment results will help government agencies secure their IT environments and reduce risk for all stakeholders in both the federal government and all organizations with access to the data.
