New publication fundamentally changes federal information security risk management
2011-03-03
(Press-News.org) The National Institute of Standards and Technology (NIST) has published the final version of a special publication that can help organizations to more effectively integrate information security risk planning into their mission-critical functions and overall goals.
Managing Information Security Risk: Organization, Mission, and Information System View (NIST Special Publication 800-39) provides the groundwork for a three-tiered, risk-management approach that "fundamentally changes how we manage information security risk at the federal level," says Ron Ross, NIST Fellow and one of the principal authors of the publication.
For decades, organizations have managed risk at the information system level that resulted in a very narrow perspective that constrained risk-based decisions by senior management, Ross explains. SP 800-39 calls for a holistic approach in which senior leaders determine what needs to be protected based on the organization's core missions and business functions. For example, managers of a power plant tied to the distribution grid need to ensure that its computer security keeps hackers from interfering with the plant's power generation or getting into the power grid to wreak greater havoc.
The publication is the fourth in the series of risk management and information security guidelines being developed by the Joint Task Force Transformation Initiative, a joint partnership among the Department of Defense, Intelligence Community, NIST and the Committee on National Security Systems.
The multi-tiered risk management approach described in SP 800-39 progresses from organization to missions to information systems. The goal is to ensure that strategic considerations drive investment and operational decisions with regard to managing risk to organizational operations (including mission, function, image and reputation), organizational assets, individuals, other organizations (collaborating or partnering with federal agencies and contractors) and the nation.
This type of risk-based, decision making is critical as organizations address advanced persistent threats of sophisticated cyber attacks that have the potential to degrade or debilitate information systems supporting the federal government's critical applications and operations.
"SP 800-39 is about building more secure information systems which will ultimately allow senior leaders and executives to better understand the mission and business risk brought into their enterprises by the ever-increasing use of, and dependence on, information technology and network connectivity," Ross says.
INFORMATION:
The Joint Task Force Transformation Initiative partnership is under the leadership of the Secretary of Defense, the Director of National Intelligence, and the Secretary of Commerce. Its goal is to develop a unified information security and risk management framework for the federal government to address the challenges of protecting federal information, information systems and the nation's critical information infrastructure.
SP 800-39, Managing Information Security Risk: Organization, Mission, and Information System View, has been developed in support of the Federal Information Security Management Act (FISMA). It can be downloaded from http://csrc.nist.gov/publications/nistpubs/800-39/SP800-39-final.pdf.
END
ELSE PRESS RELEASES FROM THIS DATE:
2011-03-03
While lab tests and imaging can sometimes help diagnose juvenile idiopathic arthritis (JIA), a physical examination and thorough patient history are the most valuable tools in identifying this disease. According to a new literature review from the Journal of the American Academy of Orthopaedic Surgeons (JAAOS), the rate of false positives in laboratory evaluations and imaging studies meant to screen for juvenile arthritis makes their value limited.
Juvenile idiopathic arthritis (formerly known as juvenile rheumatoid arthritis) is an autoimmune disease that affects nearly ...
2011-03-03
PHILADELPHIA — New research from the University of Pennsylvania demonstrates a more consistent and cost-effective method for making graphene, the atomic-scale material that has promising applications in a variety of fields, and was the subject of the 2010 Nobel Prize in Physics.
As explained in a recently published study, a Penn research team was able to create high-quality graphene that is just a single atom thick over 95% of its area, using readily available materials and manufacturing processes that can be scaled up to industrial levels.
"I'm aware of reports of ...
2011-03-03
Intensive adherence counseling around the time of HIV treatment initiation significantly reduces poor adherence and virologic treatment failure in sub-Saharan Africa, according to a recent study in PLoS Medicine by Dr. Michael Chung, assistant professor of Global Health at University of Washington, who works at the Coptic Hope Center for Infectious Diseases in Nairobi, Kenya.
The study published March 1 also found that using an alarm device has no effect on adherence counseling.
The findings of this study define an adherence counseling protocol that is effective and ...
2011-03-03
Boulder, CO, USA - LITHOSPHERE is now regularly posting pre-issue publication content -- finalized papers ready to go to press and not under embargo. GSA invites you to sign up for e-alerts and/or RSS feeds to have access to new journal content the minute it is posted online. Go to http://www.gsapubs.org/cgi/alerts and enter your e-mail address to manage your subscriptions for pre-issue postings, tables of contents alerts, and more. The following LITHOSPHERE articles were published online 10 Feb. 2011.
Mafic granulite xenoliths from the East Indian Shield: Evidence ...
2011-03-03
PHILADELPHIA—Reporting in Nature, scientists from Thomas Jefferson University have determined that a single protein called FADD controls multiple cell death pathways, a discovery that could lead to better, more targeted autoimmune disease and cancer drugs.
Twelve years ago, internationally-known immunologist Jianke Zhang, Ph.D., an associate professor in the Department of Microbiology and Immunology at Thomas Jefferson University, realized FADD, which stands for Fas-Associated protein with Death Domain, played an important role in embryonic development and the onset of ...
2011-03-03
PHILADELPHIA - The gene for the protein p53 is the most frequently mutated in human cancer. It encodes a tumor suppressor, and traditionally researchers have assumed that it acts primarily as a regulator of how genes are made into proteins. Now, researchers at the University of Pennsylvania School of Medicine show that the protein has at least one other biochemical activity: controlling the metabolism of the sugar glucose, one of body's main sources of fuel. These new insights on a well-studied protein may be used to develop new cancer therapies.
Xiaolu Yang, PhD, associate ...
2011-03-03
GAINESVILLE, Fla. — A new University of Florida study of 45-million-year-old pollen from Pine Island west of Fort Myers has led to a new understanding of the state's geologic history, showing Florida could be 10 million to 15 million years older than previously believed.
The discovery of land in Florida during the early Eocene opens the possibility for researchers to explore the existence of land animals at that time, including their adaptation, evolution and dispersal until the present.
Florida Museum of Natural History vertebrate paleontologist Jonathan Bloch, who ...
2011-03-03
The deVere Group, the world's largest independent financial consultancy group has raised GBP72,030 in funds towards Combat Stress, Guillain-Barre syndrome support group, as well as Inspire, from world-wide sponsors including deVere partners and deVere staff.
The deVere Group Malta team, which included deVere CEO Nigel Green, James Green, Hannah Green, Maria Stivala, Nadia Micallef and Svetlana Falzon, has successfully completed the 2011 Land Rover Malta Half Marathon on Sunday 27th February 2011, in a mission to raise funds towards four international charities.
The ...
2011-03-03
VIDEO:
TechSolutions is a rapid-response program that accepts recommendations and suggestions from Navy and Marine Corps personnel on ways to improve mission effectiveness through the application of technology.
Click here for more information.
ARLINGTON, Va. – The next time a Navy chef sautés shrimp scampi, he may be managing the meal using food-preparation software developed by the Office of Naval Research.
A product of ONR's TechSolutions program, Food Service Management ...
2011-03-03
BidRivals have just released the new MacBook Pro for auction just a week after being launched by Apple. Using BidRivals.com's entertaining penny auction shopping system all Mac aficionados can now benefit from immediate discounts of up to 90 percent on the new 2011 version of the MacBook Pro.
The new MacBook Pro comes with state of the art processors, all new graphics and breakthrough high-speed input /output communications systems with data transfer rates of up to 10 Gbps. The graphics processors on the new MacBook Pro are reported to be up to 3 times faster than previous ...
LAST 30 PRESS RELEASES:
[Press-News.org] New publication fundamentally changes federal information security risk management
