Page 268 - (ISC)² CISSP Certified Information Systems Security Professional Official Study Guide
P. 268

charges the NIST with responsibility for coordinating nationwide work
               on voluntary cybersecurity standards. NIST produces the 800 series of

               Special Publications related to computer security in the federal
               government. These are useful for all security practitioners and are
               available for free online at
               http://csrc.nist.gov/publications/PubsSPs.html.

               The following are commonly used NIST standards:

                    NIST SP 800-53: Security and Privacy Controls for Federal
                    Information Systems and Organizations. This standard is
                    required for use in federal computing systems and is also

                    commonly used as an industry cybersecurity benchmark.

                    NIST SP 800-171: Protecting Controlled Unclassified Information
                    in Nonfederal Information Systems and Organizations.
                    Compliance with this standard’s security controls (which are quite
                    similar to those found in NIST 800-53) is often included as a
                    contractual requirement by government agencies. Federal

                    contractors must often comply with NIST SP 800-171.

                    The NIST Cybersecurity Framework (CSF) is a set of standards
                    designed to serve as a voluntary risk-based framework for securing
                    information and systems.

               The third law from this wave of new requirements was the National
               Cybersecurity Protection Act. This law charged the Department of
               Homeland Security with establishing a national cybersecurity and

               communications integration center. The role of this center is to serve
               as the interface between federal agencies and civilian organizations for
               sharing cybersecurity risks, incidents, analysis, and warnings.


               Intellectual Property

               America’s role in the global economy is shifting away from a

               manufacturer of goods and toward a provider of services. This trend
               also shows itself in many of the world’s large industrialized nations.
               With this shift toward providing services, intellectual property takes
               on an increasingly important role in many firms. Indeed, it is arguable
               that the most valuable assets of many large multinational companies
   263   264   265   266   267   268   269   270   271   272   273