The National Institute of Standards and Technology is finalizing guidance for the integration of cybersecurity across the government’s mission areas to counter the increasing number of cyber attacks, Federal News Radio reported Thursday.
Jason Miller writes NIST fellow Ron Ross noted that the “Systems Security Engineering: An Integrated Approach to Building Trustworthy Resilient Systems” (Special Publication 800-160) document highlights the role of all stakeholders.
“What we are doing in the NIST publication is we are defining what are the security best practices that should take place at every point in that lifecycle,” Ross said at an AFCEA event, according to the report.
“The intent there is to make the right people in the organization involved in the decision-making process for how do you protect the mission of the business.”
He said the final document will combine and give context to previous cyber guidance, risk management measures and security controls and spread cyber expertise across the organization.
NIST plans to release a second public draft of the systems security engineering document by the end of summer and the first version of the final guidance by the end of the year or early 2016, Miller reports.
According to Ross, the agency also has other cybersecurity-related special publications lined up within the year.