CRE Submits Comments to NIST on FISMA Standards

The National Institute for Standards and Technology (NIST) Should Adopt Real Time Continuous Monitoring for Federal Cyber Security Operations

A little known agency in the Department of Commerce, NIST is working on an issue of critical importance—developing  standards to protect  the federal  information technology infrastructure from cyber-attacks  as required by  FISMA (Federal Information Security  Management Act) 

The  Center  for Regulatory Effectiveness  emphasizes that  if pending legislation were enacted   the FISMA  standards  could be  mandated   on some  private sector information systems  including those dealing with  water supply, transportation, financial  and nuclear control systems .  For this reason it is imperative that NIST make the comments it receives available to the public.

Finally, the gold standard for continuous monitoring is monitoring done in real time—a needed step which NIST should take.

The public is encouraged to offer their comments on this important public policy issue in the section below.

The CRE comments are attached herewith NIST Comments CRE ..


Leave a Reply

Your email address will not be published.

Please Answer: *