Ron Ross: NIST Proposes Infrastructure Security Engineering Guidelines

cybersecurityThe National Institute of Standards and Technology has released draft guidance on how government and private-sector system engineers should incorporate security into critical infrastructures, Nextgov reported Tuesday.

Aliya Sternstein writes that the technical document outlines an 11-step process meant to help information technology professionals identify security requirements and manage a system throughout its life cycle.

“The goal here is reduce the number of vulnerabilities in the system,” said Ron Ross, a NIST fellow and guidance co-author, according to Nextgov.

Nextgov reports the publication follows NIST’s release of a voluntary framework for mitigating critical infrastructure IT risks earlier this year.

“The systems engineering guidelines can be used at various points in that framework lifecycle to help build stronger software so it is well protected,” Ross added, according to Sternstein’s article.

NIST’s new security guidance contains an appendix explaining how to integrate systems security engineering parameters into defense acquisition programs, Nextgov reports.

You may also be interested in...

Arun Vemury

DHS Hosting Event to Find Next Generation of Facial Recognition Technology; Arun Vemury Quoted

The Department of Homeland Security's Science and Technology (DHS S&T) Directorate will host an event in Sept. 2021 to assess commercially made facial recognition technologies. DHS's Biotechnology Rally will assess how these technologies from different companies perform in different environments and challenging scenarios.

Leave a Reply

Your email address will not be published. Required fields are marked *