IT disaster recovery, cloud computing and information security news

NIST asks for comments on new cyber resilience guidance

The US NIST is seeking comments on the Final Public Draft of NIST Special Publication (SP) 800-160 Volume 2, Developing Cyber Resilient Systems: A Systems Security Engineering Approach.

The public comment period closes on November 1, 2019.  

Draft NIST SP 800-160, Volume 2 presents the cyber resiliency engineering framework (conceptual framework) for understanding and applying cyber resiliency, which NIST says is ‘a concept of use for the conceptual framework, and specific engineering considerations for implementing cyber resiliency in the system life cycle’.

Draft NIST SP 800-160, Volume 2, also identifies considerations for determining which cyber resiliency constructs are most relevant to a system-of-interest and a tailorable cyber resiliency analysis process to apply the selected cyber resiliency concepts, constructs, and practices to a system. The cyber resiliency analysis ‘is intended to determine whether the cyber resiliency properties and behaviors of a system-of-interest, wherever it is in the life cycle, are sufficient for the organization using that system to meet its mission assurance, business continuity, or other security requirements’.

This publication is designed for use in conjunction with NIST SP 800-160 Volume 1, ‘Systems Security Engineering: Considerations for a Multidisciplinary Approach in the Engineering of Trustworthy Secure Systems” and NIST SP 800-37, ‘Risk Management Framework for Information Systems and Organizations: A System Life Cycle Approach for Security and Privacy.’

More details.

Want news and features emailed to you?

Signup to our free newsletters and never miss a story.

A website you can trust

The entire Continuity Central website is scanned daily by Sucuri to ensure that no malware exists within the site. This means that you can browse with complete confidence.

Business continuity?

Business continuity can be defined as 'the processes, procedures, decisions and activities to ensure that an organization can continue to function through an operational interruption'. Read more about the basics of business continuity here.

Get the latest news and information sent to you by email

Continuity Central provides a number of free newsletters which are distributed by email. To subscribe click here.