From: FCW
By Sean Lyngaas
The National Institute of Standards and Technology hopes its new guidelines for IT security will beget a systems engineering process in which security is intrinsic to product design rather than an afterthought.
The guidelines, posted May 12, offer best practices for information systems security based on international engineering standards. They are the culmination of a two-year process that co-author Ron Ross said was not reactive to specific cyber threats like Heartbleed but rather underpinned by broad security principles.
“I think every … industry will look at this a little differently, depending on what niche they occupy,” said Ross, who is a fellow in NIST’s Computer Security Division.
Leave a Reply