The National Institute of Standards and Technology’s Computer Security Division today released the draft of a new Federal Information Processing Standard, FIPS 199, which dictates how agencies should categorize their systems based on the security risk faced by each. The standard is the first step in several requirements generated by NIST under the Federal Information Security Management Act (FISMA) of 2002, all aimed at setting minimum security requirements for all government systems not related to national security. The draft outlines three categories of risk, which are based on the potential impact of a breach in three areas: the confidentiality, integrity and availability of the information in the system. Full Story
About OODA Analyst
OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.