Security Controls Based on NIST 800-53 Low Medium High Impact

10/19/2020

Since NIST 800-53 was first introduced, the number of controls has greatly expanded; the initial version of 800-53 contained approximately 300 controls and NIST 800-53 rev 4 contains 965 controls. 

Despite the added complexity, each NIST 800-53 revision makes the control set more valuable. As technologies such as mobile, IoT, and cloud evolve, NIST continues to enhance 800-53, which makes migrating to each new revision an ongoing requirement.

800-53 (Rev. 4) Security Control Catalog, with baselines for three impact levels:
  - Low-Impact
  - Moderate-Impact
  - High-Impact

Security Objectives / Impact / Required Security Controls

The table below lists, for each impact level (Low, Moderate, High), the controls that support each security objective (Confidentiality, Integrity, Availability).

Low
  Confidentiality: Login Audit, Encryption in transit, Patch Management, Centralized Authentication
  Integrity: Antivirus
  Availability: Onsite Backup, Change Control, Patch Management, Vulnerability Management, SLAs

Moderate
  Confidentiality: Login Audit, System Health Monitoring, Encryption at rest, Encryption in transit, MFA, Secure Delete, DLP, Patch Management, Centralized Authentication, Machine Authentication, Role Based Authentication, Network IDS, Cloud Isolation
  Integrity: Antivirus, File Integrity Monitoring
  Availability: High Availability, Onsite Backup, Change Control, Patch Management, Vulnerability Management, SLAs

High
  Confidentiality: Login Audit, System Health Monitoring, Encryption at rest, Encryption in transit, MFA, Privileged Access Management, Patch Management, Machine Authentication, Host IDS, Network IDS, SSL Decryption, Secure Delete, DLP, Penetration Testing, Centralized Authentication, Role Based Authentication, Cloud Isolation
  Integrity: Antivirus, File Integrity Monitoring
  Availability: High Availability, Onsite/Offsite Backup, Scalability, DR Site, Change Control, Patch Management, Vulnerability Management, DDoS Protection, SLAs

The following list shows the most common controls aligned with each impact level in 800-53.

Impact / Required Security Controls (Based on 800-53)

Columns: Low / Moderate / High. Controls are listed in order of increasing impact level; where the original table carried text in the level columns rather than a check mark, that text is shown after the control name.

  Access Control / Firewall
  Account Management
  Security Awareness Training
  Security Assessment / Categorization
  System Inventory
  Key Protection / Management
  DoS Protection
  Remote Access from External Network
    Low: Monitoring, Managed
    Moderate: Privileged Commands Controlled and Documented
    High: Information Protected, Disabled non-secure network protocols
  Wireless Access
    Low: Authentication, Encryption, Monitoring
    Moderate: Restrict Users
  Physical Access Control
  System Maintenance
  Patch Management
  System / Login Audit / Response
  System Health, Usage Monitoring
  Encryption in transit
  System Hardening
  Software Usage Restrictions
  Antivirus/Antimalware
  Vulnerability Scanning
  Onsite Backup / Recovery
  Alternate Storage Site & Backup / Recovery
  Access / Configuration Change Control
  Least Privilege
  PKI Certificates
  Anti-SPAM
  Endpoint Advanced Threat Protection
  Encryption at Rest
  Device Identification & Authentication
  Network IDS
  File Integrity Monitoring
  Role-based Authentication
  Centralized Authentication
  Separation of Duties
  DLP
  Application Partitioning
  Multi Factor Authentication
  Secure Delete
  Penetration Testing
  Vulnerability Management
  Supply Chain Protection
  Network Segregation (DMZ, Subnets, Mgmt Interface)
  DR Site
  Privileged Access Management
  SIEM
  Host IDS
