NIST updates cryptography manual to help agencies meet FISMA requirements

The National Institute of Standards and Technology released a revised cryptography manual that gives federal cybersecurity officials guidance on how to encrypt and protect sensitive data.

NIST issued the revised Special Publication 800-21-1 'first released in 1999'to help government organizations as they comply with the Federal Information Security Management Act of 2002, which requires agencies, among other things, to certify and accredit their IT systems.

The report 'is intended to provide a structured, yet flexible set of guidelines for selecting, specifying, employing and evaluating cryptographic protection mechanisms in federal information systems'and thus, makes a significant contribution toward satisfying the security requirements of' FISMA, NIST said.

In particular, the report gives agencies guidance on selecting cryptography products, including performing a risk assessment and identifying security regulations and policies that are applicable to the agency and system.

NIST tailored the report for federal managers who are responsible for designing, procuring, installing and operating computer security systems.

'The goal is to provide these individuals with sufficient information to allow them to make informed decisions about the cryptographic methods that will meet their specific needs to protect the confidentiality, authentication and integrity of data that is transmitted and/or stored in a system or network,' the report said.

inside gcn

  • blockchain (Immersion Imagery/Shutterstock.com)

    DARPA eyes 'less-explored avenues' of blockchain

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group