LISTEN UP Y’ALL IF YOU ARE
RESPONSIBLE FOR ELECTRONIC INFORMATION SECURITY, PAY ATTENTION TO THE FOLLOWING
MESSAGE! I AM NOT KIDDING. THIS IS YOUR NEXT PROMOTION AND THIS IS IMPORTANT
FOR THE SECURITY AND PRIVACY PROTECTION OF YOUR CLIENTS, CUSTOMERS, PATIENTS,
WHATEVER YOU WANT TO CALL THEM. THIS IS THE 3 MGTON SECURITY IS BOMB!
I am now the Education Director for
Beckman Oral Motor. It is an awesome protocol for poor suck, folks with
swallowing difficulties, or oro facial weaknesses. I am now setting up the 2010
Beckman Oral Motor Conference Schedule. If you are interested in hosting or
sponsoring a Beckman Oral Motor Assessment and Intervention Conference, please
give me a call at 407-590-4859 or email me at info@..., or fax
me at 843-824-8537. Or visit the website at www.beckmanoralmotor.com
Carry on,
Barbara McGowin
From: compsecpubs@... [mailto:compsecpubs@...] On Behalf Of O'Reilly, Patrick D.
Sent: Friday, July 31, 2009 4:00 PM
To: Multiple recipients of list
Subject: NIST Computer Security Division Releases 2 Special Publications
NIST’s Computer Security Division is proud to announce
the release of 2 Special Publications – 1 draft and 1 final.
#1 is Special Publication 800-53 Rev. 3 and #2 is Draft
Special Publication 800-126
PUBLICATION #1: Special Publication 800-53
Revision 3 --
URL to SP 800-53 Rev. 3: http://csrc.nist.gov/publications/PubsSPs.html#800-53_Rev3
NIST announces the final publication of Special Publication
800-53, Revision 3, Recommended Security Controls for Federal Information
Systems and Organizations. Special Publication 800-53, Revision 3, is historic
in nature. For the first time, and as part of the ongoing initiative to develop
a unified information security framework for the federal government and its
contractors, NIST has included security controls in its catalog for both
national security and non national security systems. The updated security
control catalog incorporates best practices in information security from the
United States Department of Defense, Intelligence Community, and Civil
agencies, to produce the most broad-based and comprehensive set of safeguards
and countermeasures ever developed for information systems. The standardized
set of management, operational, and technical controls provides a common
specification language for information security for federal information systems
processing, storing, and transmitting both national security and non national
security information. The revised security control catalog also includes
state-of-the-practice safeguards and countermeasures needed by organizations to
address advanced cyber threats capable of exploiting vulnerabilities in federal
information systems. In addition to the expansion of the security control
catalog, Special Publication 800-53, Revision 3 contains significant changes
including:
- A simplified, six-step Risk
Management Framework;
- Additional security controls
and control enhancements for advanced cyber threats;
- Recommendations for
prioritizing or sequencing security controls during implementation or
deployment;
- Revised security control
structure with a new references section;
- Elimination of security
requirements from Supplemental Guidance sections;
- Guidance on using the Risk
Management Framework for legacy information systems and for external
providers of information system services;
- Updates to security control
baselines consistent with current threat information and known cyber
attacks;
- Organization-level security
controls for managing information security programs;
- Guidance on the management of
common controls within organizations; and
- Strategy for harmonizing FISMA
security standards and guidelines with international security standard
ISO/IEC 27001.
The important changes described in Special Publication
800-53, Revision 3 are part of a larger strategic initiative to focus on
enterprise-wide, near real-time risk management; that is, managing risks from
information systems in dynamic environments of operation that can adversely
affect organizational operations and assets, individuals, other organizations,
and the Nation. Following the final publication of Special Publication
800-53, Revision 3, the
collaborative work between the national security and non national security
communities will continue with updates to other key publications such as:
- NIST Special Publication
800-37, Applying the Risk Management Framework to Federal Information
Systems;
- NIST Special Publication
800-39, Integrated Enterprise-wide Risk Management: Organization,
Mission, and Information Systems View;
- NIST Special Publication
800-30, Guide for Conducting Risk Assessments; and
- NIST Special Publication
800-53A, Guide for Assessing Security Controls in Federal Information
Systems and Organizations.
The schedule for the development of all key FISMA-related
publications based on new milestones established among the participating
partners in the Joint Task Force Transformation Initiative can be found at: http://csrc.nist.gov/groups/SMA/fisma/schedule.html.
- - - - - - - - -
PUBLICATION #2: DRAFT Special Publication
800-126 --
URL to Draft SP 800-126: http://csrc.nist.gov/publications/PubsDrafts.html#800-126
NIST announces that Draft Special Publication (SP) 800-126,
The Technical Specification for the Security Content Automation Protocol
(SCAP), has been released for public comment. SCAP comprises specifications for
organizing and expressing security-related information in standardized ways, as
well as related reference data such as unique identifiers for vulnerabilities. SP
800-126 also provides an overview of SCAP, focusing on how software developers
can integrate SCAP technology into their product offerings and interfaces.
NIST requests comments on draft SP 800-126 by August 31,
2009. Please submit comments to 800-126comments@... with "Comments SP
800-126" in the subject line.