NEW GUIDANCE RELEASED BY NIST REDEFINES ASSURANCE & TRUSTWORTHINESS FOR FINANCIAL INSTITUTIONS
On April 30th, 2013 the National Institute of Standards and Technology (NIST) issued their latest version of essential guidance: Special Publication 800-53, Revision 4: Security and Privacy Controls for Federal Information Systems and Organizations. Led by Ron Ross, a NIST fellow and the project leader, a team of computer scientists spent the past two years developing this latest 457 page revision. One of the Essential Themes of the New Guidance Mr. Ross indicated that a key theme in the new guidance is the “reintroduction of the notion of assurance, or trustworthiness of information systems.” The bottom line is that organizations will now be under higher scrutiny in terms of how effective they are at identifying vulnerabilities and security weaknesses in systems, which