The National Institute of Standards and Technology has begun to seek public comments on a draft version of its updated special publication on privacy and security controls for government and industry data systems, Nextgov reported Tuesday.NIST will accept public feedback through Sept. 12 with a plan to release the final draft of the document before the end of 2017.
The draft marks the fifth update to NIST’s Security and Privacy Controls for Information Systems and Organizations publication and seeks to modify the controls’ structure to make them more “outcome-based.â€
NIST said the draft special publication aims to establish a consolidated set of controls for data platforms through the integration of privacy controls into the security control catalog and facilitate integration with the Cybersecurity Framework and other risk management and cyber approaches.
The draft document also introduces new controls based on empirical attack information and threat intelligence data and seeks to clarify the relationship between privacy and security to help streamline the selection of controls needed to address risks.
