2 cissp ® Official Study Guide Eighth Edition


Federal Cybersecurity Laws of 2014



Download 19,3 Mb.
Pdf ko'rish
bet138/881
Sana08.04.2023
Hajmi19,3 Mb.
#925879
1   ...   134   135   136   137   138   139   140   141   ...   881
Bog'liq
(CISSP) Mike Chapple, James Michael Stewart, Darril Gibson - CISSP Official Study Guide-Sybex (2018)

Federal Cybersecurity Laws of 2014
In 2014, President Barack Obama signed a series of bills into law that modernized the federal 
government’s approach to cybersecurity issues.
The first of these was the confusingly named Federal Information Systems 
Modernization
Act (also bearing the acronym FISMA). The 2014 FISMA modified the 
rules of the 2002 FISMA by centralizing federal cybersecurity responsibility with the 
Department of Homeland Security. There are two exceptions to this centralization: defense-
related cybersecurity issues remain the responsibility of the Secretary of Defense, while the 
Director of National Intelligence bears responsibility for intelligence-related issues.
Second, Congress passed the Cybersecurity Enhancement Act, which charges the NIST 
with responsibility for coordinating nationwide work on voluntary cybersecurity standards. 
NIST produces the 800 series of Special Publications related to computer security in the 
federal government. These are useful for all security practitioners and are available for free 
online at 
http://csrc.nist.gov/publications/PubsSPs.html
.
The following are commonly used NIST standards:

NIST SP 800-53: 
Security and Privacy Controls for Federal Information Systems and 
Organizations.
This standard is required for use in federal computing systems and is 
also commonly used as an industry cybersecurity benchmark.

NIST SP 800-171: 
Protecting Controlled Unclassified Information in Nonfederal 
Information Systems and Organizations
. Compliance with this standard’s security 
controls (which are quite similar to those found in NIST 800-53) is often included as a 
contractual requirement by government agencies. Federal contractors must often com-
ply with NIST SP 800-171.

The 
NIST Cybersecurity Framework
(CSF) is a set of standards designed to serve as a 
voluntary risk-based framework for securing information and systems.
The third law from this wave of new requirements was the National Cybersecurity 
Protection Act. This law charged the Department of Homeland Security with establishing a 

134
Chapter 4 

Laws, Regulations, and Compliance
national cybersecurity and communications integration center. The role of this center is to 
serve as the interface between federal agencies and civilian organizations for sharing cyber-
security risks, incidents, analysis, and warnings.

Download 19,3 Mb.

Do'stlaringiz bilan baham:
1   ...   134   135   136   137   138   139   140   141   ...   881



Ma'lumotlar bazasi mualliflik huquqi bilan himoyalangan ©hozir.org 2024
ma'muriyatiga murojaat qiling
kiriting | ro'yxatdan o'tish
    Bosh sahifa
юртда тантана
Боғда битган
Бугун юртда
Эшитганлар жилманглар
Эшитмадим деманглар
битган бодомлар
Yangiariq tumani
qitish marakazi
Raqamli texnologiyalar
ilishida muhokamadan
tasdiqqa tavsiya
tavsiya etilgan
iqtisodiyot kafedrasi
steiermarkischen landesregierung
asarlaringizni yuboring
o'zingizning asarlaringizni
Iltimos faqat
faqat o'zingizning
steierm rkischen
landesregierung fachabteilung
rkischen landesregierung
hamshira loyihasi
loyihasi mavsum
faolyatining oqibatlari
asosiy adabiyotlar
fakulteti ahborot
ahborot havfsizligi
havfsizligi kafedrasi
fanidan bo’yicha
fakulteti iqtisodiyot
boshqaruv fakulteti
chiqarishda boshqaruv
ishlab chiqarishda
iqtisodiyot fakultet
multiservis tarmoqlari
fanidan asosiy
Uzbek fanidan
mavzulari potok
asosidagi multiservis
'aliyyil a'ziym
billahil 'aliyyil
illaa billahil
quvvata illaa
falah' deganida
Kompyuter savodxonligi
bo’yicha mustaqil
'alal falah'
Hayya 'alal
'alas soloh
Hayya 'alas
mavsum boyicha

yuklab olish