
NIST 800-53: The Foundation of FISMA Compliance

The National Institute of Standards and Technology (NIST) Special Publication 800-53, "Recommended Security Controls for Federal Information Systems", offers a set of best practices created to assist federal agencies, and any associated entities handling federal data such as state and local governments, contractors and grantees, in implementing the Federal Information Security Management Act (FISMA). NIST 800-53 is the bedrock of FISMA: to guide agencies in implementing a risk-based information security program, the FISMA framework maps its security program elements to the NIST 800-53 standard.

Focusing specifically on information security controls, NIST SP 800-53 presents security control concepts, a risk-based process for determining which controls an organization or agency should implement, and a more detailed set of minimum baseline security controls. NIST SP 800-53 includes 17 families of security controls grouped into three high-level classes: technical, operational and management. Examples of the 17 families include access control, auditing, configuration management, incident response and risk assessment. Together, the 17 control families detail a total of 170 individual controls.



The NIST 800-53 Business Challenge

Perhaps the greatest challenge presented by NIST SP 800-53 rests in the broad scope of its 170 individual security controls. These controls span the IT infrastructure, calling for the monitoring and analysis of data generated by all systems, network appliances and security solutions across the enterprise. When implementing NIST SP 800-53 in support of FISMA compliance, an enterprise must collect and process many different types of data from across the infrastructure. Traditional log-only approaches, such as log management and SIEM solutions, are inadequate to provide comprehensive compliance auditing for NIST 800-53. Comprehensive auditing for NIST 800-53 must include not only log and event data, but also asset and configuration data, known vulnerabilities, performance metrics, and network flow data.

SecureVue: Comprehensive NIST 800-53 Compliance Auditing

SecureVue, eIQnetworks' unified threat and compliance (UTC) assessment platform, combines security information and event management (SIEM) with IT security and compliance management to help organizations address the greatest number of NIST 800-53 control families. SecureVue contains over 250 reports mapped to individual sections of the NIST 800-53 standard, and also contains a comprehensive compliance library of over 2,500 technical and functional controls that enables organizations to define, monitor and measure NIST 800-53 system configuration compliance.

By collecting, archiving, correlating, analyzing and reporting on log, vulnerability, configuration, asset, performance and network flow data, SecureVue merges the complex monitoring, testing and auditing demands of NIST 800-53 into a single solution. The automated end-to-end correlation, along with built-in analytics, makes compliance auditing for the NIST 800-53 standard an easily manageable task.

Whitepaper

Compliance for Everyone: Implementing a Security Framework Approach to Address Compliance Mandates


© 2010 Copyright eIQnetworks, Inc. | All Rights Reserved