Victoria Yan Pillitteri

Dec 4, 2024 | nist.gov | Katherine Schroeder |Hung V. Trinh |Victoria Yan Pillitteri

This document provides guidance on how an organization can develop an information security measurement program with a flexible structure for approaching activities around the development and implementation of information security measures. Citation Special Publication (NIST SP) - 800-55v2 Report Number 800-55v2 Pub Type NIST Pubs assessment, information security, measurement, measures, metrics, performance, program, reports, security controls.

Oct 21, 2024 | nist.gov | Stephen Quinn |Victoria Yan Pillitteri |Matthew Barrett |Matthew Smith

This guide provides an introduction to using the NIST Cybersecurity Framework (CSF) 2.0 for planning and integrating an enterprise-wide process for integrating cybersecurity risk management information, as a subset of information and communications technology risk management, into enterprise risk management. The use of CSF common language and outcomes supports the integration of risk monitoring, evaluation, and adjustment across various organizational units and programs.

May 14, 2024 | nist.gov | Ronald Ross |Victoria Yan Pillitteri

The protection of Controlled Unclassified Information (CUI) is of paramount importance to federal agencies and can directly impact the ability of the Federal Government to successfully conduct its essential missions and functions. This publication provides organizations with assessment procedures and a methodology that can be used to conduct assessments of the security requirements in NIST SP 800-171, Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations.

Dec 6, 2023 | nist.gov | Jeremy Licata |Victoria Yan Pillitteri |Eduardo Takamura

In 2017, NIST published a methodology for supporting the automation of SP 800-53 control assessments in the form of IR 8011. IR 8011 is a multi-volume series that starts with an overview of the methodology (volume 1) and provides guidance and specifications for automating the assessment of controls that support specific information security continuous monitoring security capabilities, one volume per capability. Four volumes have been released so far, and more volumes are in development.

Sep 26, 2023 | nist.gov | Yang Guo |Victoria Yan Pillitteri |Robert Beverly |Jeremy Licata

, , , , Robert Beverly, Xin Yuan, Gary Key, Rickey Gregg, Stephen Bowman, Catherine Hinton, Albert Reuther, Ryan Adamson, Aron Warren, Purushotham Bangalore, Erik Deumens, Csilla Farkas High-performance computing (HPC) is a vital computational infrastructure for processing large data volumes, performing complex simulations, and conducting advanced machine learning model training. As such, HPC is a critical component of scientific discovery, innovation, and economic competitiveness.