{"id":2137,"date":"2020-12-15T08:04:24","date_gmt":"2020-12-15T08:04:24","guid":{"rendered":"http:\/\/72.52.228.46\/~itegriti\/?p=2137"},"modified":"2021-04-12T03:40:57","modified_gmt":"2021-04-12T03:40:57","slug":"guide-to-nist-special-publication-800-53-rev-5","status":"publish","type":"post","link":"https:\/\/itegriti.com\/kw022024\/2020\/cybersecurity\/guide-to-nist-special-publication-800-53-rev-5\/","title":{"rendered":"Guide to NIST Special Publication 800-53 Rev. 5"},"content":{"rendered":"<div class=\"fusion-fullwidth fullwidth-box fusion-builder-row-1 nonhundred-percent-fullwidth non-hundred-percent-height-scrolling\" style=\"--awb-border-radius-top-left:0px;--awb-border-radius-top-right:0px;--awb-border-radius-bottom-right:0px;--awb-border-radius-bottom-left:0px;--awb-flex-wrap:wrap;\" ><div class=\"fusion-builder-row fusion-row\"><div class=\"fusion-layout-column fusion_builder_column fusion-builder-column-0 fusion_builder_column_1_1 1_1 fusion-one-full fusion-column-first fusion-column-last\" style=\"--awb-bg-size:cover;\"><div class=\"fusion-column-wrapper fusion-column-has-shadow fusion-flex-column-wrapper-legacy\"><div class=\"fusion-text fusion-text-1\"><p>In September 2020 the National Institute of Science and Technology (NIST) published the fifth revision to its flagship Special Publication 800-53 \u201c<a href=\"https:\/\/csrc.nist.gov\/publications\/detail\/sp\/800-53\/rev-5\/final\" target=\"_blank\" rel=\"noopener noreferrer\">Security and Privacy Controls for Information Systems and Organizations<\/a><strong>\u201d.<\/strong><\/p>\n<h2 class=\"navy\">Quick overview<\/h2>\n<p>As the abstract to the publication reads, \u201cThis publication provides a catalog of security and privacy controls for information systems and organizations to protect \u2026 from a diverse set of threats and risks, including hostile attacks, human errors, natural disasters, structural failures, foreign intelligence entities, and privacy risks.\u201d<\/p>\n<p>The controls described in the publication are technology-agnostic, flexible and customizable, and can be implemented in the framework of a corporate-wide risk management program. The purpose of these controls is to address a wide variety of requirements deriving from business objectives and goals, laws and regulations, Presidential Executive Orders, standards, and guidelines.<\/p>\n<p>The publication contains a consolidated control catalog which addresses the concepts of security and privacy from two perspectives: functional and assurance. The functionality perspective defines the strength of functions and mechanisms provided by the controls, while the assurance perspective determines the degree of confidence in the security or privacy capability provided by the controls. Addressing both the functionality and the assurance perspectives helps organizations to ensure that their information systems and the services that depend on them are sufficiently trustworthy.<\/p>\n<h2 class=\"navy\">Changes to the previous version<\/h2>\n<p>Revision 5 to the NIST SP 800-53 is the outcome of a multi-year effort by the Institute to develop the next generation of security and privacy controls needed to strengthen the security posture of all entities of critical infrastructure. The publication follows a proactive and holistic approach to system security to ensure that critical systems, components, and services are reliable and trustworthy and have the necessary resilience to withstand sophisticated cyber-attacks targeting them.<\/p>\n<p>The most significant changes to SP 800-53, Revision 5 include:<\/p>\n<ul>\n<li>A consolidated and seamless security and privacy control catalog<\/li>\n<li>New supply chain risk management controls integrated throughout the publication<\/li>\n<li>New state-of-the-practice controls based on the latest threat intelligence and cyber-attack data (e.g., controls to support cyber resiliency, secure systems design, security and privacy governance, and accountability)<\/li>\n<li>The controls are based on measurable outcomes rather than on pre-defined roles and responsibilities<\/li>\n<li>Improved correlation between requirements descriptions and controls.<\/li>\n<li>Clarified relationship between security and privacy controls<\/li>\n<li>The control selection process is separated from the controls, allowing the controls to be used by different communities of interest<\/li>\n<li>Incorporated Program Management control family in the consolidated catalog<\/li>\n<\/ul>\n<p>Finally, a significant change is the development of <a href=\"https:\/\/csrc.nist.gov\/publications\/detail\/sp\/800-53b\/final\" target=\"_blank\" rel=\"noopener noreferrer\">NIST SP 800-53B<\/a>, \u201cControl Baselines for Information Systems and Organizations,\u201d which now provides the security and privacy control baselines. The publication describes three security control baselines, one for each system impact level (low, moderate, and high) as well as a privacy baseline that is applied to all systems irrespective of impact level. In addition to the control baselines, the publication provides tailoring guidance and a set of working assumptions that help guide and inform the control selection process.<\/p>\n<p>In addition to these two publications, NIST has published a <a href=\"https:\/\/csrc.nist.gov\/CSRC\/media\/Publications\/sp\/800-53\/rev-5\/final\/documents\/sp800-53r5-controls.xlsx\" target=\"_blank\" rel=\"noopener noreferrer\">spreadsheet<\/a> of all SP 800-53 Rev. 5 controls, and an <a href=\"https:\/\/github.com\/usnistgov\/oscal-content\/tree\/master\/nist.gov\/SP800-53\" target=\"_blank\" rel=\"noopener noreferrer\">Open Security Control Assessment Language (OSCAL)<\/a> version of the controls.<\/p>\n<h2 class=\"navy\">Using the publication<\/h2>\n<p>How could organizations make use of this publication which covers everything from multifactor authentication to incident response? The important part is to select the controls that match your organization\u2019s operating environment and the security and privacy programs that support your mission objectives<\/p>\n<p>The best way to do that is to use the NIST Risk Management Framework (<a href=\"https:\/\/csrc.nist.gov\/publications\/detail\/sp\/800-37\/rev-2\/final\" target=\"_blank\" rel=\"noopener noreferrer\">SP 800-37, Revision 2<\/a>) which provides a structured risk-based approach for defining security and privacy requirements aligned with business functions and for selecting solutions and controls to satisfy these requirements.<\/p>\n<p>The Risk Management Framework (RMF) defines two approaches for the selection of security and privacy controls:<\/p>\n<ul>\n<li>Baseline control selection<\/li>\n<li>Business-centric control selection<\/li>\n<\/ul>\n<p>The\u00a0baseline control selection approach uses the control baselines defined in NIST SP 800-53B. These are pre-defined sets of controls that serve as a starting point for the protection of data, corporate systems, and privacy. Organizations can then select the baseline that helps them satisfy the security requirements defined in various business-specific regulations, policies, and standards in accordance with the defined risk tolerance.<\/p>\n<p>In the business-centric control selection approach the organization uses its own process to select controls. This approach is necessary in specialized and highly regulated business environments, such as the energy grid or the oil and gas industry. These sectors require protection from a specific set of threats which if they are exploited can heavily disrupt local societies and national economies.<\/p>\n<p>In these situations, it may be more efficient and cost-effective for the organization to select the appropriate controls instead of starting with a pre-defined set of controls from a control baseline. The selection of these controls is guided by the system security categorization, risk assessment, and requirements derived from relevant regulations, policies, directives, and standards.<\/p>\n<h2 class=\"navy\">How ITEGRITI helps<\/h2>\n<p>When selecting security and privacy control businesses need to demonstrate flexibility to adapt to emerging security and privacy risks. The control selection process should be based on a risk management program and should result in business resilience. <a href=\"http:\/\/72.52.228.46\/~itegriti\/\">ITEGRITI<\/a> develops and implements programs that mitigate cyber and compliance risk, supported by internal controls to measure, monitor, and report ongoing program effectiveness. Our programs help companies avoid breaches and minimize business impact during a cybersecurity incident. To learn how you can benefit from our expertise, <a href=\"http:\/\/72.52.228.46\/~itegriti\/contact\/\">contact us<\/a>.<\/p>\n<\/div><div class=\"fusion-clearfix\"><\/div><\/div><\/div><\/div><\/div>\n","protected":false},"excerpt":{"rendered":"<p>Revision 5 to the NIST SP 800-53 is the outcome of a multi-year effort by the Institute to develop the next generation of security and privacy controls needed to strengthen the security posture of all entities of critical infrastructure.<\/p>\n","protected":false},"author":10,"featured_media":2143,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2179,13,2180],"tags":[1169],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v22.0 (Yoast SEO v23.5) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Guide to NIST Special Publication 800-53 Rev. 5 - kw022024<\/title>\n<meta name=\"description\" content=\"Revision 5 to the NIST SP 800-53 is the outcome of a multi-year effort by the Institute to develop the next generation of security and privacy controls needed to strengthen the security posture of all entities of critical infrastructure.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/itegriti.com\/kw022024\/2020\/cybersecurity\/guide-to-nist-special-publication-800-53-rev-5\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Guide to NIST Special Publication 800-53 Rev. 5\" \/>\n<meta property=\"og:description\" content=\"Revision 5 to the NIST SP 800-53 is the outcome of a multi-year effort by the Institute to develop the next generation of security and privacy controls needed to strengthen the security posture of all entities of critical infrastructure.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/itegriti.com\/kw022024\/2020\/cybersecurity\/guide-to-nist-special-publication-800-53-rev-5\/\" \/>\n<meta property=\"og:site_name\" content=\"kw022024\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/itegriti\" \/>\n<meta property=\"article:published_time\" content=\"2020-12-15T08:04:24+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-04-12T03:40:57+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/itegriti.com\/kw022024\/wp-content\/uploads\/2020\/12\/Itegriti_BlogNIST_hero2.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"800\" \/>\n\t<meta property=\"og:image:height\" content=\"450\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Anastasios Arampatzis\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:description\" content=\"Revision 5 to the NIST SP 800-53 is the outcome of a multi-year effort by the Institute to develop the next generation of security and privacy controls needed to strengthen the security posture of all entities of critical infrastructure.\" \/>\n<meta name=\"twitter:image\" content=\"https:\/\/itegriti.com\/kw022024\/wp-content\/uploads\/2020\/12\/Itegriti_BlogNIST_hero2.jpg\" \/>\n<meta name=\"twitter:creator\" content=\"@TassosAramp\" \/>\n<meta name=\"twitter:site\" content=\"@itegriti\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Anastasios Arampatzis\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/itegriti.com\/kw022024\/2020\/cybersecurity\/guide-to-nist-special-publication-800-53-rev-5\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/itegriti.com\/kw022024\/2020\/cybersecurity\/guide-to-nist-special-publication-800-53-rev-5\/\"},\"author\":{\"name\":\"Anastasios Arampatzis\",\"@id\":\"https:\/\/itegriti.com\/kw022024\/#\/schema\/person\/6fa12fbccd5abc86c2ce14ffbb619673\"},\"headline\":\"Guide to NIST Special Publication 800-53 Rev. 5\",\"datePublished\":\"2020-12-15T08:04:24+00:00\",\"dateModified\":\"2021-04-12T03:40:57+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/itegriti.com\/kw022024\/2020\/cybersecurity\/guide-to-nist-special-publication-800-53-rev-5\/\"},\"wordCount\":1149,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/itegriti.com\/kw022024\/#organization\"},\"image\":{\"@id\":\"https:\/\/itegriti.com\/kw022024\/2020\/cybersecurity\/guide-to-nist-special-publication-800-53-rev-5\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/itegriti.com\/kw022024\/wp-content\/uploads\/2020\/12\/Itegriti_BlogNIST_hero2.jpg\",\"keywords\":[\"9 Minute Read\"],\"articleSection\":[\"Compliance\",\"Cybersecurity\",\"Managed Services\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/itegriti.com\/kw022024\/2020\/cybersecurity\/guide-to-nist-special-publication-800-53-rev-5\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/itegriti.com\/kw022024\/2020\/cybersecurity\/guide-to-nist-special-publication-800-53-rev-5\/\",\"url\":\"https:\/\/itegriti.com\/kw022024\/2020\/cybersecurity\/guide-to-nist-special-publication-800-53-rev-5\/\",\"name\":\"Guide to NIST Special Publication 800-53 Rev. 5 - kw022024\",\"isPartOf\":{\"@id\":\"https:\/\/itegriti.com\/kw022024\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/itegriti.com\/kw022024\/2020\/cybersecurity\/guide-to-nist-special-publication-800-53-rev-5\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/itegriti.com\/kw022024\/2020\/cybersecurity\/guide-to-nist-special-publication-800-53-rev-5\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/itegriti.com\/kw022024\/wp-content\/uploads\/2020\/12\/Itegriti_BlogNIST_hero2.jpg\",\"datePublished\":\"2020-12-15T08:04:24+00:00\",\"dateModified\":\"2021-04-12T03:40:57+00:00\",\"description\":\"Revision 5 to the NIST SP 800-53 is the outcome of a multi-year effort by the Institute to develop the next generation of security and privacy controls needed to strengthen the security posture of all entities of critical infrastructure.\",\"breadcrumb\":{\"@id\":\"https:\/\/itegriti.com\/kw022024\/2020\/cybersecurity\/guide-to-nist-special-publication-800-53-rev-5\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/itegriti.com\/kw022024\/2020\/cybersecurity\/guide-to-nist-special-publication-800-53-rev-5\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/itegriti.com\/kw022024\/2020\/cybersecurity\/guide-to-nist-special-publication-800-53-rev-5\/#primaryimage\",\"url\":\"https:\/\/itegriti.com\/kw022024\/wp-content\/uploads\/2020\/12\/Itegriti_BlogNIST_hero2.jpg\",\"contentUrl\":\"https:\/\/itegriti.com\/kw022024\/wp-content\/uploads\/2020\/12\/Itegriti_BlogNIST_hero2.jpg\",\"width\":800,\"height\":450},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/itegriti.com\/kw022024\/2020\/cybersecurity\/guide-to-nist-special-publication-800-53-rev-5\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/itegriti.com\/kw022024\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Guide to NIST Special Publication 800-53 Rev. 5\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/itegriti.com\/kw022024\/#website\",\"url\":\"https:\/\/itegriti.com\/kw022024\/\",\"name\":\"ITEGRITI\",\"description\":\"cybersecurity | compliance | managed services\",\"publisher\":{\"@id\":\"https:\/\/itegriti.com\/kw022024\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/itegriti.com\/kw022024\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/itegriti.com\/kw022024\/#organization\",\"name\":\"ITEGRITI CORPORATION | Cybersecurity | Compliance | Managed Services\",\"url\":\"https:\/\/itegriti.com\/kw022024\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/itegriti.com\/kw022024\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/itegriti.com\/kw022024\/wp-content\/uploads\/2016\/06\/ItegritiLogo_600x100.png\",\"contentUrl\":\"https:\/\/itegriti.com\/kw022024\/wp-content\/uploads\/2016\/06\/ItegritiLogo_600x100.png\",\"width\":600,\"height\":100,\"caption\":\"ITEGRITI CORPORATION | Cybersecurity | Compliance | Managed Services\"},\"image\":{\"@id\":\"https:\/\/itegriti.com\/kw022024\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/itegriti\",\"https:\/\/x.com\/itegriti\",\"https:\/\/www.linkedin.com\/company\/itegriti\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/itegriti.com\/kw022024\/#\/schema\/person\/6fa12fbccd5abc86c2ce14ffbb619673\",\"name\":\"Anastasios Arampatzis\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/itegriti.com\/kw022024\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/adff645e812a27c2d07dd3c43fc9cd32?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/adff645e812a27c2d07dd3c43fc9cd32?s=96&d=mm&r=g\",\"caption\":\"Anastasios Arampatzis\"},\"description\":\"Anastasios Arampatzis is a retired Hellenic Air Force officer with over 20 years\u2019 worth of experience in managing IT projects and evaluating cybersecurity. During his service in the Armed Forces, he was assigned to various key positions in national, NATO and EU headquarters and has been honoured by numerous high-ranking officers for his expertise and professionalism. He was nominated as a certified NATO evaluator for information security. Anastasios\u2019 interests include among others cybersecurity policy and governance, ICS and IoT security, encryption, and certificates management. He is also exploring the human side of cybersecurity - the psychology of security, public education, organizational training programs, and the effect of biases (cultural, heuristic and cognitive) in applying cybersecurity policies and integrating technology into learning. He is intrigued by new challenges, open-minded and flexible. Currently, he works as a cybersecurity content writer for Bora - IT Security Marketing. Tassos is a member of the non-profit organization Homo Digitalis.\",\"sameAs\":[\"http:\/\/www.welcometobora.com\",\"https:\/\/www.linkedin.com\/in\/anastasiosarampatzis\/\",\"https:\/\/x.com\/TassosAramp\"],\"url\":\"https:\/\/itegriti.com\/kw022024\/author\/anastasios-arampatiz\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Guide to NIST Special Publication 800-53 Rev. 5 - kw022024","description":"Revision 5 to the NIST SP 800-53 is the outcome of a multi-year effort by the Institute to develop the next generation of security and privacy controls needed to strengthen the security posture of all entities of critical infrastructure.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/itegriti.com\/kw022024\/2020\/cybersecurity\/guide-to-nist-special-publication-800-53-rev-5\/","og_locale":"en_US","og_type":"article","og_title":"Guide to NIST Special Publication 800-53 Rev. 5","og_description":"Revision 5 to the NIST SP 800-53 is the outcome of a multi-year effort by the Institute to develop the next generation of security and privacy controls needed to strengthen the security posture of all entities of critical infrastructure.","og_url":"https:\/\/itegriti.com\/kw022024\/2020\/cybersecurity\/guide-to-nist-special-publication-800-53-rev-5\/","og_site_name":"kw022024","article_publisher":"https:\/\/www.facebook.com\/itegriti","article_published_time":"2020-12-15T08:04:24+00:00","article_modified_time":"2021-04-12T03:40:57+00:00","og_image":[{"width":800,"height":450,"url":"https:\/\/itegriti.com\/kw022024\/wp-content\/uploads\/2020\/12\/Itegriti_BlogNIST_hero2.jpg","type":"image\/jpeg"}],"author":"Anastasios Arampatzis","twitter_card":"summary_large_image","twitter_description":"Revision 5 to the NIST SP 800-53 is the outcome of a multi-year effort by the Institute to develop the next generation of security and privacy controls needed to strengthen the security posture of all entities of critical infrastructure.","twitter_image":"https:\/\/itegriti.com\/kw022024\/wp-content\/uploads\/2020\/12\/Itegriti_BlogNIST_hero2.jpg","twitter_creator":"@TassosAramp","twitter_site":"@itegriti","twitter_misc":{"Written by":"Anastasios Arampatzis","Est. reading time":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/itegriti.com\/kw022024\/2020\/cybersecurity\/guide-to-nist-special-publication-800-53-rev-5\/#article","isPartOf":{"@id":"https:\/\/itegriti.com\/kw022024\/2020\/cybersecurity\/guide-to-nist-special-publication-800-53-rev-5\/"},"author":{"name":"Anastasios Arampatzis","@id":"https:\/\/itegriti.com\/kw022024\/#\/schema\/person\/6fa12fbccd5abc86c2ce14ffbb619673"},"headline":"Guide to NIST Special Publication 800-53 Rev. 5","datePublished":"2020-12-15T08:04:24+00:00","dateModified":"2021-04-12T03:40:57+00:00","mainEntityOfPage":{"@id":"https:\/\/itegriti.com\/kw022024\/2020\/cybersecurity\/guide-to-nist-special-publication-800-53-rev-5\/"},"wordCount":1149,"commentCount":0,"publisher":{"@id":"https:\/\/itegriti.com\/kw022024\/#organization"},"image":{"@id":"https:\/\/itegriti.com\/kw022024\/2020\/cybersecurity\/guide-to-nist-special-publication-800-53-rev-5\/#primaryimage"},"thumbnailUrl":"https:\/\/itegriti.com\/kw022024\/wp-content\/uploads\/2020\/12\/Itegriti_BlogNIST_hero2.jpg","keywords":["9 Minute Read"],"articleSection":["Compliance","Cybersecurity","Managed Services"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/itegriti.com\/kw022024\/2020\/cybersecurity\/guide-to-nist-special-publication-800-53-rev-5\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/itegriti.com\/kw022024\/2020\/cybersecurity\/guide-to-nist-special-publication-800-53-rev-5\/","url":"https:\/\/itegriti.com\/kw022024\/2020\/cybersecurity\/guide-to-nist-special-publication-800-53-rev-5\/","name":"Guide to NIST Special Publication 800-53 Rev. 5 - kw022024","isPartOf":{"@id":"https:\/\/itegriti.com\/kw022024\/#website"},"primaryImageOfPage":{"@id":"https:\/\/itegriti.com\/kw022024\/2020\/cybersecurity\/guide-to-nist-special-publication-800-53-rev-5\/#primaryimage"},"image":{"@id":"https:\/\/itegriti.com\/kw022024\/2020\/cybersecurity\/guide-to-nist-special-publication-800-53-rev-5\/#primaryimage"},"thumbnailUrl":"https:\/\/itegriti.com\/kw022024\/wp-content\/uploads\/2020\/12\/Itegriti_BlogNIST_hero2.jpg","datePublished":"2020-12-15T08:04:24+00:00","dateModified":"2021-04-12T03:40:57+00:00","description":"Revision 5 to the NIST SP 800-53 is the outcome of a multi-year effort by the Institute to develop the next generation of security and privacy controls needed to strengthen the security posture of all entities of critical infrastructure.","breadcrumb":{"@id":"https:\/\/itegriti.com\/kw022024\/2020\/cybersecurity\/guide-to-nist-special-publication-800-53-rev-5\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/itegriti.com\/kw022024\/2020\/cybersecurity\/guide-to-nist-special-publication-800-53-rev-5\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/itegriti.com\/kw022024\/2020\/cybersecurity\/guide-to-nist-special-publication-800-53-rev-5\/#primaryimage","url":"https:\/\/itegriti.com\/kw022024\/wp-content\/uploads\/2020\/12\/Itegriti_BlogNIST_hero2.jpg","contentUrl":"https:\/\/itegriti.com\/kw022024\/wp-content\/uploads\/2020\/12\/Itegriti_BlogNIST_hero2.jpg","width":800,"height":450},{"@type":"BreadcrumbList","@id":"https:\/\/itegriti.com\/kw022024\/2020\/cybersecurity\/guide-to-nist-special-publication-800-53-rev-5\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/itegriti.com\/kw022024\/"},{"@type":"ListItem","position":2,"name":"Guide to NIST Special Publication 800-53 Rev. 5"}]},{"@type":"WebSite","@id":"https:\/\/itegriti.com\/kw022024\/#website","url":"https:\/\/itegriti.com\/kw022024\/","name":"ITEGRITI","description":"cybersecurity | compliance | managed services","publisher":{"@id":"https:\/\/itegriti.com\/kw022024\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/itegriti.com\/kw022024\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/itegriti.com\/kw022024\/#organization","name":"ITEGRITI CORPORATION | Cybersecurity | Compliance | Managed Services","url":"https:\/\/itegriti.com\/kw022024\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/itegriti.com\/kw022024\/#\/schema\/logo\/image\/","url":"https:\/\/itegriti.com\/kw022024\/wp-content\/uploads\/2016\/06\/ItegritiLogo_600x100.png","contentUrl":"https:\/\/itegriti.com\/kw022024\/wp-content\/uploads\/2016\/06\/ItegritiLogo_600x100.png","width":600,"height":100,"caption":"ITEGRITI CORPORATION | Cybersecurity | Compliance | Managed Services"},"image":{"@id":"https:\/\/itegriti.com\/kw022024\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/itegriti","https:\/\/x.com\/itegriti","https:\/\/www.linkedin.com\/company\/itegriti\/"]},{"@type":"Person","@id":"https:\/\/itegriti.com\/kw022024\/#\/schema\/person\/6fa12fbccd5abc86c2ce14ffbb619673","name":"Anastasios Arampatzis","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/itegriti.com\/kw022024\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/adff645e812a27c2d07dd3c43fc9cd32?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/adff645e812a27c2d07dd3c43fc9cd32?s=96&d=mm&r=g","caption":"Anastasios Arampatzis"},"description":"Anastasios Arampatzis is a retired Hellenic Air Force officer with over 20 years\u2019 worth of experience in managing IT projects and evaluating cybersecurity. During his service in the Armed Forces, he was assigned to various key positions in national, NATO and EU headquarters and has been honoured by numerous high-ranking officers for his expertise and professionalism. He was nominated as a certified NATO evaluator for information security. Anastasios\u2019 interests include among others cybersecurity policy and governance, ICS and IoT security, encryption, and certificates management. He is also exploring the human side of cybersecurity - the psychology of security, public education, organizational training programs, and the effect of biases (cultural, heuristic and cognitive) in applying cybersecurity policies and integrating technology into learning. He is intrigued by new challenges, open-minded and flexible. Currently, he works as a cybersecurity content writer for Bora - IT Security Marketing. Tassos is a member of the non-profit organization Homo Digitalis.","sameAs":["http:\/\/www.welcometobora.com","https:\/\/www.linkedin.com\/in\/anastasiosarampatzis\/","https:\/\/x.com\/TassosAramp"],"url":"https:\/\/itegriti.com\/kw022024\/author\/anastasios-arampatiz\/"}]}},"_links":{"self":[{"href":"https:\/\/itegriti.com\/kw022024\/wp-json\/wp\/v2\/posts\/2137"}],"collection":[{"href":"https:\/\/itegriti.com\/kw022024\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/itegriti.com\/kw022024\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/itegriti.com\/kw022024\/wp-json\/wp\/v2\/users\/10"}],"replies":[{"embeddable":true,"href":"https:\/\/itegriti.com\/kw022024\/wp-json\/wp\/v2\/comments?post=2137"}],"version-history":[{"count":6,"href":"https:\/\/itegriti.com\/kw022024\/wp-json\/wp\/v2\/posts\/2137\/revisions"}],"predecessor-version":[{"id":2145,"href":"https:\/\/itegriti.com\/kw022024\/wp-json\/wp\/v2\/posts\/2137\/revisions\/2145"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/itegriti.com\/kw022024\/wp-json\/wp\/v2\/media\/2143"}],"wp:attachment":[{"href":"https:\/\/itegriti.com\/kw022024\/wp-json\/wp\/v2\/media?parent=2137"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/itegriti.com\/kw022024\/wp-json\/wp\/v2\/categories?post=2137"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/itegriti.com\/kw022024\/wp-json\/wp\/v2\/tags?post=2137"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}