The document, NIST Special Publication 800-53, Recommended Security Controls for Federal Information Systems and Organizations, was released in draft form for public review in June.
"This final publication represents a solidification of the partnership between the Department of Defense, the Intelligence Community, and NIST and their efforts to bring common security solutions to the federal government and its support contractors," said Ron Ross, of NIST's computer security division. "The aim is to provide greater protection for federal information systems against cyber attacks."
Comments received from the public since June did not result in any major changes in the final publication, according to Ross.
Historically, information systems at civilian agencies have operated under different security controls than military and intelligence information systems. When complete, the unified framework will result in the defense, intelligence and civil communities using a common strategy to protect critical federal information systems and associated infrastructure.
A copy of the publication is available at www.csrc.nist.gov/publications/PubsSPs.html. For further background, see "NIST, DOD, Intelligence Agencies Join Forces to Secure U.S. Cyber Infrastructure," NIST Tech Beat, June 16, 2009.
Media Contact: Chad Boutin, [email protected], (301) 975-4261