Keeping up to speed on cloud and mobile security

With the Revision 4 of the US NIST security controls released earlier this year, Agiliance has now brought out an updated Revision 4 Content Pack for its RiskVision security services 

  • 11 years ago Posted in

Any company that does business with suppliers, partners or customers in the US will, if they transact business digitally, need to be aware of the relevant US security standards and procedures. This is the case even if it only means learning that most of the regulations may not in practice apply to their business. But these are rules it is best not to be ignorant about.

Finding out about them can be a problem and certainly time consuming, but one possible solution to that issue comes from US-based Agiliance, with its RiskVision service. The company produces Integrated Risk Management solutions for Governance and Security programs, and has just announced the release of the Agiliance NIST SP800-53 Revision 4 Content Pack, which is designed to help organisations defend their IT infrastructures against advanced cyber-attacks.

It is built around the US National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53 Revision 4 security controls update, and provides a packaged intelligence feed for the Agiliance RiskVision platform. This provides commercial organisations and government agencies with expanded security and privacy baselines.

In response to the increasing volume and sophistication of cyber-attacks, NIST, the U.S. Department of Defense, the U.S. Intelligence Community, and the Committee on National Security Systems created the Joint Task Force partnership in 2009 to develop the NIST SP 800-53 "Recommended Security Controls for Federal Information Systems and Organizations” standard. Revision 4, released this April, was developed to include security controls and enhancements for new threat area such as mobile and cloud computing; applications security; trustworthiness, assurance, and resiliency of information systems; insider threats; supply chain security; and advanced persistent threats.

The Content Pack provides users with packaged intelligence from which they can develop a custom security controls baseline and security plan that best fits their needs. It encompasses more than 1,100 controls across the 18 security control families, including Access Control; Awareness and Training; Audit and Accountability, Security Assessment and Authorisation; Configuration Management; Contingency Planning; Identification and Authentication; Incident Response; Maintenance; Media Protection, Physical, and Environmental Protection; Planning; Personnel Security; Risk Assessment; System and Services Acquisition; System and Communications Protection; System and Information Integrity; and Program Management.

“The NIST guidelines provide organisations with a proven and industry tested set of best practices that simplify the creation of high, medium, and low baseline controls based on the business criticality of the assets being protected,” said Torsten George, vice president of worldwide marketing and products at Agiliance. “By integrating this pre-built intelligence with the Agiliance RiskVision platform, customers can use the NIST SP 800-53 content pack to run compliance assessments in order to determine their compliance and risk scores. This powerful tool also enables them to identify security gaps in their infrastructure by mapping recommended NIST controls against their existing environment.” 

New state-of-the-art data centre features Vultr’s first AMD GPU supercompute cluster.
Only a quarter (25%) think their approach to the cloud is carefully considered and successful.
Moving to AWS Cloud will enable The Co-operative Bank to adopt cutting edge IT Infrastructure.
The global airline group will upgrade the value of its data and get its AI & generative AI ready...
Barracuda Networks’s award-winning Email Protection and Cloud Backup security solutions will be...
Leading company in renewables to leverage HPE’s unique turnkey AI infrastructure solution to...
The four-year project extension focuses on cloud transformation and enhanced operational efficiency...
Businesses in the UK are risking slower development as they fail to fully embrace technologies that...