Your Top Five Cyber Risks in Five Clicks with the Free Cyber Risk Analysis

FREE RISK ANALYSIS
Request Demo

What's New in NIST SP 800 53 Rev 5

down-arrow

NIST Special Publication (SP) 800-53 offers regulatory guidelines and controls for federal information systems, except those relating to national security. This catalog of security and privacy controls has been used and adopted by a range of organizations, both part of the federal government and beyond, due to the comprehensive nature of the control set.

Back in 2017, NIST released the first public draft of SP 800-53 Revision 5. In September 2020, NIST released the official version of Rev 5, following what NIST describes as “a multi-year effort to develop the next generation of security and privacy controls needed to strengthen and support the Federal Government and every sector of critical infrastructure” and with it has come a monumental sweep of changes for federal agencies and non-governmental organizations alike to use to protect the critical systems, components, and services that defend the United States.

Recent Changes in NIST Special Publication 800-53

Controls for information systems and security controls are integrated into a seamless catalog for information systems and organizations. Privacy elements are now included in the unified catalog and integrated throughout 86 controls.

  • New Supply Chain Risk Management (SCRM) control family, with integrations throughout NIST 800 53 Rev 5.
  • Security and Privacy controls have become more outcome-based.
  • Clarifications of language between requirements, as well as the relationship between security and privacy controls
  • Separation of control selection processes and actual controls, making them more accessible to other teams across an organization.
  • New state-of-the-art controls based on threat intelligence and industry data to support cyber resilience, secure system design, and governance models.

Promoting an integrated approach to cyber risk management and cybersecurity best practices (like the NIST CSF), allowing Rev 5 to be scalable and applicable to multiple avenues like large-scale IT, cloud-based infrastructure, mobile devices, and IoT devices.

NIST SP 800-53 Rev 5 is making great strides to usher in a new generation of cybersecurity best practices. Bridging the gap between cybersecurity teams and organizational objectives. Using a cyber risk management solution like CyberStrong can help harmonize an organization's cybersecurity efforts across multiple frameworks and compliance regulations using our cutting-edge AI technology to crosswalk and automate risk management processes to save organizations valuable time, energy, and resources, as well as present information in a unified, human way.

Learn more about the NIST 800-53 control families here. 

If you have questions about any NIST Special Publication, including 800-53 Rev 5, NIST 800-171, cyber risk management, or how CyberStrong is helping organizations meet their cybersecurity goals, meet with the CyberSaint team.

You may also like

Putting the “R” back in GRC - ...
on November 20, 2024

Cyber GRC (Governance, Risk, and Compliance) tools are software solutions that help organizations manage and streamline their cybersecurity, risk management, and compliance ...

October Product Update
on October 17, 2024

The team at CyberSaint is thrilled to announce the latest additions and updates to the CyberStrong solution. To start off, we’ve made it easier to create an assessment and risk ...

Transforming Cyber Risk ...
on October 12, 2024

In today’s complex cyber landscape, managing risks effectively isn’t just about identifying threats—it’s about understanding their impact and knowing how to prioritize ...

Step-by-Step Guide: How to Create ...
on November 20, 2024

Cyber risk management has become more critical in today's challenging digital landscape. Organizations face increased pressure to identify, assess, and mitigate risks that could ...

From Fragmentation to Integration: ...
on November 20, 2024

Organizations are often inundated with many security threats and vulnerabilities in today's fast-paced cybersecurity landscape. As a result, many have turned to point ...

How to Create a Comprehensive ...
on November 20, 2024

Cyber threats are becoming more frequent, sophisticated, and damaging in today's rapidly evolving digital landscape. Traditional approaches to cyber risk management, which often ...