NIST takes on major vulnerability in cyber guidelines through novel ‘patch release’

Summary: Typically, the process to update the cybersecurity controls that form the basis of federal information security standards takes at least a month, if not longer. But the National Institute of Standards and Technology today is proposing a more urgent “patch release” to Special Publication 800-53, “Security and Privacy Controls for Information Systems and Organizations.” It was last updated through a major revision finalized in December 2020. Today’s proposed update features an expedited two-week comment period. It proposes one new control and two corresponding “control enhancements” to address a major gap in identity and access control processes. Learn more about your ad choices. Visit megaphone.fm/adchoices