The National Institute of Standards and Technology last week released guidelines for federal agencies to address areas such as the basics of choosing security products and developing security training and awareness. The five final special publications range from technical descriptions to high-level guidance aimed at agency executives. They have been circulating for several months in draft form and represent the latest in a series of guides meant to help agencies with issues raised in the Federal Information Security Management Act (FISMA) of 2002 and highlighted by the Office of Management and Budget.

Special Publication 800-42, “Guideline on Network Security Testing,” is meant for information technology and security officials in an agency. It focuses on the details of setting up, maintaining and acting on standard enterprise network penetration testing programs. Constant testing is a major component of a security program, highlighted first by the Government Information Security Reform Act (GISRA) of 2000, and now FISMA.