The National Institute of Standards and Technology has begun to revise two guidance documents meant to help organizations manage the cybersecurity posture of mobile applications, MeriTalk reported Thursday.NIST representatives said during an Advanced Technology Academic Research Center-hosted forum the updated Special Publication 800-163 will suggest protocols for agencies to identify vulnerabilities when evaluating apps.
Michael Ogata, computer scientist at NIST’s applied cybersecurity division, said initial guideline lacked information from other parts of agency or partner security infrastructure, as well as definite statements on application security requirements that should be considered during the vetting process.
The updated SP 800-163 will be open for public comment beginning on Sept. 9.
Gema Howell, computer scientists at NIST’s applied cybersecurity division, said the agency will also update its SP 800-124 guideline to include additional management technology characteristics and elaborate on new deployment considerations, mobile ecosystem threats and threat mitigation processes.
The revised SP 800-124 is scheduled for publication in 2019.
