Cyber Resiliency and NIST Special Publication 800-53 Rev.4 Controls

Abstract

Attacks in cyberspace are no longer limited to simple discrete events such as the spread of a virus or a denial-of-service attack against an organization. Campaigns are waged by the advanced persistent threat (APT), which has the capabilities, resources and persistence to breach even well-patched and monitored IT infrastructures. Therefore, today's systems must be resilient against the APT. MITRE has developed its cyber resilience engineering framework (CREF) to support the development of structured and consistent cyber resiliency guidance. The CREF consists of goals, objectives and techniques. In the context of the Risk Management Framework defined by NIST SP 800-37, cyber resiliency techniques can be applied to a system, set of shared services, or common infrastructure by selecting, tailoring, and implementing security controls. This document identifies those controls in NIST SP 800-53R4 that support cyber resiliency.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Sep 01, 2013
Accession Number
AD1107339

Entities

People

  • Deb Bodeau
  • Richard D. Graubart

Organizations

  • MITRE Corporation

Tags

Communities of Interest

  • Cyber
  • Engineered Resilient Systems

DTIC Thesaurus Topics

  • Advanced Persistent Threat
  • Authentication
  • Communications Protocols
  • Computer Access Control
  • Computer Networks
  • Cyberattacks
  • Cybersecurity
  • Denial Of Service Attack
  • Engineering
  • Identification
  • Information Security
  • Information Systems
  • Insider Threats
  • National Security
  • Natural Disasters
  • Power Supplies
  • Risk
  • Risk Management
  • Security
  • Security Personnel
  • Situational Awareness
  • Supply Chain
  • Systems Engineering
  • Vulnerability

Fields of Study

  • Computer science

Readers

  • Cybersecurity.
  • Software Engineering

Technology Areas

  • Cyber