Homewhoiswilliamnoble.comq4q.com

Cybersecurity Maturity Model

3.13 SYSTEM AND COMMUNICATIONS PROTECTION | NIST 800-171 control 3.13, safeguards information systems and communication channels by requiring organizations to monitor, control and protect them. This improves data confidentiality, integrity, and availability. It assigns responsibility for implementing security controls like access controls, firewalls, and encryption to protect against unauthorized access, use, disclosure, disruption, modification, or destruction of information.

Cybersecurity Maturity Model
Back to "Cybersecurity Maturity Model"
Cybersecurity Maturity Model
🖨️

3.13 SYSTEM AND COMMUNICATIONS PROTECTION

By W. Noble 📅 2024-03-03
NIST 800-171 control 3.13, safeguards information systems and communication channels by requiring organizations to monitor, control and protect them. This improves data confidentiality, integrity, and availability. It assigns responsibility for implementing security controls like access controls, firewalls, and encryption to protect against unauthorized access, use, disclosure, disruption, modification, or destruction of information.

(Image credit: xnetd.com)


IST 800-171 lays out security controls for non-federal organizations that handle Controlled Unclassified Information (CUI) for the government. One key control family, "3.13 System and Communications Protection," focuses on safeguarding information systems and the channels they use to communicate.

This family of controls mandates various measures to achieve that protection. Organizations must implement general security practices like securing system boundaries, identifying and addressing security issues, protecting information at rest and in transit, controlling user access, and providing security awareness and training. Additionally, they are required to conduct risk assessments to pinpoint vulnerabilities in their systems and communication channels. Based on these assessments, they must create and implement security plans to mitigate those risks.



In essence, NIST 800-171's "3.13 System and Communications Protection" ensures that organizations have a solid foundation of security practices in place to safeguard CUI. This includes both general security measures and targeted actions based on identified vulnerabilities.

Family:System and Communications Protection (AC 3.13)
NIST:NIST SP 800-171r3


3.13.1 Monitor, control, and protect commun...systems- NIST 800-171 control 3.13.1 helps secure information moving within an organization. It reduces the risk of unauthorized access or data breaches by monitoring.... (Page)
3.13.2 Employ architectural designs, softwa...systems- NIST 800-171 control 3.13.2 emphasizes building security into systems from the ground up. This helps protect information confidentiality, integrity,.... (Page)
3.13.3 Separate user functionality from sys...onality- NIST 800-171 control 3.13.3 mandates separating user and system administration functions. This reduces the risk of unauthorized modifications by limiting.... (Page)

3.13.4 Prevent unauthorized and unintended...sources- NIST 800-171 control 3.13.4 safeguards sensitive information by preventing it from lingering in shared system resources like memory or disk space. This.... (Page)
3.13.5 Implement subnetworks for publicly a...etworks- NIST 800-171 control 3.13.5 mandates creating isolated subnetworks, called DMZs, for publicly accessible systems. This safeguards internal networks.... (Page)

About "3.13 SYSTEM AND COMMUNICA...CTION" 🡃
Category:Cybersecurity Maturity Model
Family:System and Communications Protection (AC 3.13)
NIST:NIST SP 800-171r3
Type:Basic Security Requirements, Derived Security Requirements
#CybersecurityMaturityModel #BasicSecurityRequirements #DerivedSecurityRequirements

XNETD

© q4q.com 1999-2024   © xnetd.com 2024