Upload File

nist sp 800-53 cdm security controls capabilities · 2018-11-30 · how were the cdm capabilities...

  • Home
  • Documents
  • NIST SP 800-53 CDM Security Controls Capabilities · 2018-11-30 · How Were the CDM Capabilities Defined? Organizations may define certain security capabilities needed to satisfy
1
How Were the CDM Capabilities Defined? Organizations may define certain security capabilities needed to satisfy security requirements and provide appropriate mission and business protection. Security capabilities are typically defined by bringing together a specific set of safeguards/countermeasures (i.e., security controls) derived from the appropriately tailored baselines that together produce the needed capability. - NIST Special Publication 800-53, Revision 4, Page viii NIST SP 800-53 Security Controls Access Control Awareness & Training Audit & Accountability Security Assessment & Authorization Configuration Management Contingency Planning Identification and Authentication Incident Response Maintenenance Media Protection Physical & Environmental Protection Planning Personnel Security Risk Assessment System & Services Acquisition System & Communications Protection System & Information Integrity Working with NIST, DHS distilled the SP 800 - 53 security controls into CDM (security) capabilities to provide D/As across the Federal Enterprise with a common baseline implementation of automated security controls assessment. CDM Capabilities Data Loss Prevention Network Access Control Respond to Incidents & Contingencies Detect Suspicious Events / Patterns Prepare for Incidents & Contingencies Boundary Protection Manage Privileges Manage Credentials & Authentication Manage Security Related Behavior Manage Trust in People Granted Acces Vulnerabilities Management Configuration Settings Management Software Asset Management Hardware Asset Management Individual controls are grouped by the desired results, helping to simplify the conceptual link between security controls and business results. The complete set of CDM capabilities includes all SP 800-53 high-impact baseline security controls.

Upload: others

Post on 06-Aug-2020

11 views

Category:

Documents


0 download

Report

TRANSCRIPT

Page 1: NIST SP 800-53 CDM Security Controls Capabilities · 2018-11-30 · How Were the CDM Capabilities Defined? Organizations may define certain security capabilities needed to satisfy

How Were the CDM Capabilities Defined?

Organizations may define certain security capabilities needed to satisfy security requirements and provide appropriate mission and business protection. Security capabilities are typically defined by bringing together a specific set of safeguards/countermeasures (i.e., security controls) derived from the appropriately tailored baselines that together produce the needed capability.

- NIST Special Publication 800-53, Revision 4, Page viii

NIST SP 800-53 Security Controls

Access Control

Awareness & Training

Audit & Accountability

Security Assessment & Authorization

Configuration Management

Contingency Planning

Identification and Authentication

Incident Response

Maintenenance

Media Protection

Physical & Environmental Protection

Planning

Personnel Security

Risk Assessment

System & Services Acquisition

System & Communications Protection

System & Information Integrity

Working with NIST, DHS distilled the SP 800 - 53 security controls into CDM (security) capabilities to provide D/As across the Federal Enterprise with a common baseline implementation of automated security controls assessment.

CDM Capabilities

Data Loss Prevention

Network Access Control

Respond to Incidents & Contingencies

Detect Suspicious Events / Patterns

Prepare for Incidents & Contingencies

Boundary Protection

Manage Privileges

Manage Credentials & Authentication

Manage Security Related Behavior

Manage Trust in People Granted Acces

Vulnerabilities Management

Configuration Settings Management

Software Asset Management

Hardware Asset Management

Individual controls are grouped by the desired results, helping to simplify the conceptual link between security controls and business results.

The complete set of CDM capabilities includes all SP 800-53 high-impact

baseline security controls.

http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-53r4.pdf#page=9

PRIVMGMT: The First Step Toward CDM Phase 2 Capabilities · 11/17/2016  · Riley Smith. Group 2: DC Admin-Read Only. Mary Lee: X. Robert Sycor: X. Allie Harshel: X. 7. Homeland Security

Cloud Access Security Brokers - Critical Capabilities

ForeScout CounterACT CONTINUOUS DIAGNOSTICS & MITIGATION (CDM)€¦ · CDM Requirements A Request for Information (RFI) was released by the Department of Homeland Security (DHS) Continuous

2 MENA: Space Capabilities and Security Challenges

Fine-Grained Control of Security Capabilities

Micro Networks Electronic Security System Capabilities

DNVGL-CP-0231 Cyber security capabilities of control

Japan's Security Role and Capabilities in the 2020s

SAP Financial Services Network – Security capabilities

TycoTotal Capabilities - Tyco Fire & Security Total Capabilities.pdf · TycoTotal Capabilities Fire, Security and Telecommunications solutions ... region include the Palm Jumeriah

government and homeland security lighting capabilities guide

Enhancing security incident response capabilities in the AP

Global Businesses Need Global Security Capabilities

Current Capabilities for Space Security: A Korean Perspective

Security Capabilities and Potentials of Java

Understanding the Security Capabilities of Solaris Zones Softwareit-suniverse.com/.../820-7017-security-capab-sol-zones.pdf · 2010. 7. 16. · 5 Understanding the Security Capabilities

Critical Capabilities for High-Security Mobility Management

Symantec™ Managed Security Services - CDM Media · Symantec Advanced Security Monitoring Symantec Advanced Security Monitoring Service provides enterprise-wide, intelligence-driven

STUDENT ADMINISTRATION FEE ADMINISTRATION TECHNICAL CAPABILITIES SECURITY CAPABILITIES DOCUMENTS ORGANIZER LIBERARY MANAGEMENT CCE STUDENT

The Council on Security and Defense Capabilities Report CSDC Report.pdf · The Council on Security and Defense Capabilities has examined how the international security environment

2012 ACC/TSA Security Capabilities Dayacconline.org/Documents/Events/Presentations/RBS_Virgil.pdf2012 ACC/TSA Security Capabilities Day July 17, 2012 ... The RBS Workforce Transformation

Security: Foundations, Security Policies, Capabilities

Security: Foundations, Security Policies, Capabilities · June, 8, 2015 5 Security: Foundations, Security Policies, Capabilities Distributed Operating Systems Marcus Völp, Hermann

Lockdown Security Capabilities Overview

Defense & Security Networks Capabilities

The Security Capabilities of Everything IP

CDM Platform Capabilities

Computer Security DD2395 - KTH...Firewall Capabilities & Limits ! capabilities: - defines a single choke point - provides a location for monitoring security events - convenient platform

Marlabs Capabilities Overview: Cyber Security Services

A NATIONAL SECURITY CRISIS: FOREIGN LANGUAGE CAPABILITIES ... · a national security crisis: foreign language capabilities in the federal ... homeland security and ... a national

Continuous Diagnostics and Mitigation (CDM)DHS) Continuous... · Continuous Diagnostics and Mitigation (CDM) ... government-wide set of information security continuous monitoring

NOAA’s Capabilities to Support Homeland Security NOAA’s Capabilities to Support Homeland Security Donald Wernly National Weather Service November 28, 2001

integrated virtualization capabilities security and

Conquest Security Capabilities

Critical Capabilities for Security Information and Event ...dss.lv/f/Critical_Capabilities_for_Security_Information_and_Event... · Critical Capabilities for Security Information