NIST Releases Data Exchange Security Guide

NIST Releases Data Exchange Security Guide
Managing the Security of Information Exchanges

The National Institute of Standards and Technology has released guidance that outlines a four-pronged strategy to protect the data organizations share with other parties via different channels for information exchange.

NIST said Tuesday that the “Managing the Security of Information Exchanges” guide offers sample agreement templates and recommends several measures to secure shared data.

The four phases described in the Special Publication (SP) 800-47 Revision 1, which aligns with the Office of Management and Budget Circular A-130, encompasses planning, establishing, maintaining and discounting the information exchange. 

“In order to protect the confidentiality, integrity and availability of the information commensurate with risk, the information being exchanged requires protection at the same or similar levels as it moves from one organization to another,” the agency noted.

The document deviated from the technology-based information access and instead focused on imparting a redeveloped scope of information exchange and tackling the potential security risks in conducting data-sharing activity.

You may also be interested in...

Cybersecurity

DHS, NIST List Goals for Cyber Best Practices

The Department of Homeland Security (DHS) and the National Institutes of Standards and Technology (NIST) have jointly classified cybersecurity practices into nine categories as bases for cyber performance goals. The nine categories each have specific objectives with regard to how secure control systems are operated and deployed, NIST said Thursday.