Estimating the Cost of NIST SP 800-171 - podcast episode cover

Estimating the Cost of NIST SP 800-171

Oct 12, 202341 min
--:--
--:--
Download Metacast podcast app
Listen to this episode in Metacast mobile app
Don't just listen to podcasts. Learn from them with transcripts, summaries, and chapters for every episode. Skim, search, and bookmark insights. Learn more

Episode description

The government recently released a new federal acquisition regulation that requires NIST SP 800-53 controls for federal information systems operated by contractors. Buried inside that rule are several cost estimates for implementing and maintaining SP 800-53. Meanwhile, the government has never published cost estimates for NIST SP 800-171 even though it is derived directly from SP 800-53. In this episode we use are knowledge of SP 800-53 to do the impossible and estimate SP 800-171 using the government's own numbers.

Episode Links:

LinkedIn Poll: https://www.linkedin.com/posts/jacob-evan-horne_information-hazards-are-one-of-my-favorite-activity-7116107489045004288-BfrM

FAR Rule: https://www.federalregister.gov/documents/2023/10/03/2023-21327/federal-acquisition-regulation-standardizing-cybersecurity-requirements-for-unclassified-federal

Fuzzy Math @ CS2 San Diego (2021): https://www.youtube.com/watch?v=843K3hkLquk

SolarWinds Hack: https://www.gao.gov/blog/solarwinds-cyberattack-demands-significant-federal-and-private-sector-response-infographic

EO 14028: https://www.whitehouse.gov/briefing-room/presidential-actions/2021/05/12/executive-order-on-improving-the-nations-cybersecurity/

DFARS 7012: https://www.acquisition.gov/dfars/252.204-7012-safeguarding-covered-defense-information-and-cyber-incident-reporting.

DFARS 7010: https://www.acquisition.gov/dfars/252.239-7010-cloud-computing-services.

FIPS 199: https://csrc.nist.gov/pubs/fips/199/final

SP 800-53: https://csrc.nist.gov/pubs/sp/800/53/r5/upd1/final

SP 800-171: https://csrc.nist.gov/pubs/sp/800/171/r2/upd1/final

SP 800-171B cost estimate (2019): https://csrc.nist.gov/pubs/sp/800/171/b/ipd

For the best experience, listen in Metacast app for iOS or Android