Whether military, a civilian agency, or even a public education institution, organizations across the public sector have witnessed a substantial increase in cyberattacks. There were a number of hits on education around this time last year, and then on health-related agencies as the COVID-19 pandemic struck. So, how do government agencies ensure their security posture is up to the task of defending against increasingly opportunistic forces of evil? A technical architecture compliant with NIST Special Publication 800-53 is a must.

NIST SP 800-53 aligns with FedRAMP Authorization, requiring vendors of cloud-based products to incorporate security measures such as multi-factor authentication, continuous monitoring, FIPS140-2 cryptomodules, among other security controls. While NIST and FedRAMP are well-known in United States federal, state and local government circles, the requirements are good practice for public agencies around the world. Take note of these recommendations, which will help secure your modern IT deployments:

Always be prepared: Perform privacy-impact assessments, comprehensive audit reports, and cybersecurity training – complete with alerts and reminders when training is missed.

Documentation is essential: Ensure all new access requests, along with associated approval workflows, are documented within the agency’s enterprise service management solution.

Continuously assess risk: Using a vulnerability scanning tool is the requirement.  Employ automation workflows to compare scans over time, identifying trends that may expose vulnerabilities.

These are just a few examples for improving agency security while aligning with NIST SP 800-53 Moderate Impact Controls. There are many more with Control Families ranging from Access Control to Privacy, and from Incident Response to Contingency Planning. Check out more ways to defend your organization from evildoers in our infographic.

Agencies must defend against attacks growing in both frequency and severity. With Ivanti Service Manager, agencies and government contractors improve their security posture, while modernizing their IT. And this FedRAMP Authorized solution includes more than twenty-five NIST-compliant workflows already built into it, helping reduce risk right away.