NIST 800-53 rev4 – NIST Security controls and guidelines
NIST 800-53 revision 4 provides guidance for the selection of security and privacy controls for federal information systems and organizations. Revision 4 is the most comprehensive update since the initial publication. This update was motivated principally by the expanding threat space and increasing sophistication of cyber attacks. Major changes include new security controls and control enhancements to address advanced persistent threats (APTs), insider threats, and system assurance; as well as technology trends such as mobile and cloud computing.
Compliance with NIST 800-53 is required for FISMA
The Federal Information Security Management Act of 2002 (FISMA) and Federal Information Security Modernization Act of 2014 (also FISMA, which enhances and clarifies the original law) require US Government agencies to implement information security controls using a risk-based approach to information security. You must be compliant with NIST standards and guidelines in order to meet annual FISMA compliance requirements.
800-53 rev4 is the gold standard for cloud and network security
800-53 has become the gold standard in cloud security. The security controls are by far the most robust and prescriptive set of security standards to follow, and as a result, systems that are certified as compliant against 800-53 r4 are also considered the most secure.
NIST 800-53 Risk Assessment and Gap Assessment
NightLion Security’s patent risk management and assessment process will test your organization for each control in the NIST guidelines. Our reports provide risks ranked by a risk tolerance score that is fully customized to your business, as well as remediation strategies necessary to prepare for audit.
Penetration Testing for NIST 800-53 & FISMA
NightLion Security provides red team and penetration testing exercises to simulate adversaries in an attempt to compromise your organization’s intellectual property, employee data and/or sensitive business information, to fully test the security capability of the information system and organization. Exercises include information system monitoring, malicious user testing, penetration testing, red-team exercises, and other forms of security testing (e.g., independent verification and validation).
Free NIST 800-53 Control Cross Mappings
NightLion Security provides a free security control cross mapping tool to cross-reference NIST 800-53 with ISO, PCI, Cobit, CSF, FFIEC and many more. We provide access to this tool free of charge as a value add to our assessment services. For more information on how to download the tool, click the link above.
Download NIST 800-53 rev 4 Security Controls and Audit Checklist
Check us out at www.securitycheckbox.com