AWS announces migration plans for NIST 800-53 Revision 5
Amazon Web Services (AWS) is excited to begin migration plans for National Institute of Standards and Technology (NIST) 800-53 Revision 5.
The NIST 800-53 framework is a regulatory standard that defines the minimum baseline of security controls for U.S. federal information systems. In 2020, NIST released Revision 5 of the framework to improve security standards for industry partners and government agencies. The set of NIST 800-53 controls provides a foundation for additional laws and regulations within the U.S. government.
The Federal Information Security Modernization Act (FISMA) of 2014 is a law that requires federal agencies and contractors to meet information security standards. The Federal Risk and Authorization Management Program (FedRAMP) is a federal government program that provides a standardized approach to security assessment, authorization, and continuous monitoring of cloud services. Both FISMA and FedRAMP rely on the NIST 800-53 framework.
AWS meets the NIST 800-53 Revision 4 regulatory standards mandated by government authorities. NIST added numerous security enhancements, such as privacy and supply chain management, to Revision 5 to keep abreast of emerging threats to federal information systems.
In preparation for federal regulators to accept NIST 800-53 Revision 5 as the new requirement standard, AWS has begun efforts to adapt to the new security controls, processes, and procedures. AWS security compliance teams have analyzed the new requirements and launched a project to implement the updates. Although AWS is not required to migrate to the new Revision 5 standard until NIST announces the official regulatory compliance deadline, we are already taking steps to meet the deadline.
To learn more about AWS compliance programs, see the AWS Compliance Programs page.
If you have feedback about this post, submit comments in the Comments section below. If you have questions about this post, contact AWS Support.
Want more AWS Security news? Follow us on Twitter.
目录
最新
- Customer compliance and security during the post-quantum cryptographic migration
- Enhancing data privacy with layered authorization for Amazon Bedrock Agents
- How to perform a proof of concept for automated discovery using Amazon Macie
- Keep your firewall rules up-to-date with Network Firewall features
- How to implement relationship-based access control with Amazon Verified Permissions and Amazon Neptune
- How to migrate 3DES keys from a FIPS to a non-FIPS AWS CloudHSM cluster
- Managing identity source transition for AWS IAM Identity Center
- 2024 H1 IRAP report is now available on AWS Artifact for Australian customers