http://www.informationweek.com/government/cybersecurity/nist-security-guidance-revision-prepare-now/a/d-id/1269663
By Vincent Berk
Commentary
InformationWeek.com
6/16/2014

The National Institute of Science and Technology's Special Publication
800-53 aims to raise the bar and set a standard of security for federal
government information processing systems. As NIST works on Revision 5 of
the document, which is expected to come out in April 2015, it will need to
reverse the sweeping generalizations made in Revision 4 regarding the
nature of the threat against data. Network defense is not a spectator
sport -- it must be engaged in continuously and consciously.

As a natural evolution of the NIST document, continuous monitoring and
anomaly detection will likely play a more significant role in Revision 5.
However, agencies should not wait until next April to shift focus towards
understanding the specific threats to data through continuous monitoring.
There is a great deal agencies can do to get a head start on the guidance
and to prepare their systems and networks for the new version in advance.

Build an active defense

The rubber meets the road in active defense at strategic data acquisition
-- collecting the information needed to understand the changing nature of
the adversary. For a multi-faceted data acquisition approach, we must
start by analyzing the key threat categories that we face.

The term "advanced persistent threat" has been overused in recent years,
but it describes the most important type of attacker any government agency
should prepare for. Government organizations are by definition the only
high-valued target in their class -- after all, there is only one IRS or
one Defense Department -- so there is no other "low-hanging fruit" for
attackers to go after. This means targeted attackers will be stealthy and
crafty in any offensive approach.

[...]