Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Publications by: Victoria Yan Pillitteri (Fed)

Displaying 26 - 50 of 65

Control Baselines for Information Systems and Organizations

December 11, 2020

Author(s)

Ronald S. Ross, Victoria Y. Pillitteri

This publication provides security and privacy control baselines for the Federal Government. There are three security control baselines (one for each system impact level: low-impact, moderate- impact, and high-impact), as well as a privacy baseline that is

Security and Privacy Controls for Information Systems and Organizations

December 10, 2020

Author(s)

Ronald S. Ross, Victoria Y. Pillitteri

This publication provides a catalog of security and privacy controls for information systems and organizations to protect organizational operations and assets, individuals, other organizations, and the Nation from a diverse set of threats and risks

Control Baselines for Information Systems and Organizations

October 29, 2020

Author(s)

Ronald S. Ross, Victoria Y. Pillitteri

This publication provides security and privacy control baselines for the Federal Government. There are three security control baselines (one for each system impact level: low-impact, moderate-impact, and high-impact), as well as a privacy baseline that is

Assessing Information Security Continuous Monitoring (ISCM) Programs: Developing an ISCM Program Assessment

May 21, 2020

Author(s)

Kelley L. Dempsey, Victoria Yan Pillitteri, Chad Baer, Robert Niemeyer, Ron Rudman, Susan Urban

This publication describes an approach for the development of Information Security Continuous Monitoring (ISCM) program assessments that can be used to evaluate ISCM programs within federal, state, and local governmental organizations and commercial

Approaches for Federal Agencies to Use the Cybersecurity Framework

March 19, 2020

Author(s)

Jeffrey A. Marron, Victoria Y. Pillitteri, Jon M. Boyens, Stephen D. Quinn, Gregory A. Witte, Larry Feldman

Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations

February 21, 2020

Author(s)

Ronald S. Ross, Victoria Y. Pillitteri, Kelley L. Dempsey, Mark Riddle, Gary Guissanie

The protection of Controlled Unclassified Information (CUI) resident in nonfederal systems and organizations is of paramount importance to federal agencies and can directly impact the ability of the federal government to successfully conduct its essential

Developing Cyber Resilient Systems: A Systems Security Engineering Approach

November 27, 2019

Author(s)

Ronald S. Ross, Victoria Y. Pillitteri, Richard Graubart, Deborah Bodeau, Rosalie McQuaid

This publication is used in conjunction with ISO/IEC/IEEE 15288:2015, Systems and software engineering--Systems life cycle processes, NIST Special Publication 800-160, Volume 1, Systems Security Engineering--Considerations for a Multidisciplinary Approach

The Next Generation Risk Management Framework (RMF 2.0): A Holistic Methodology to Manage Information Security, Privacy and Supply Chain Risk

February 28, 2019

Author(s)

Victoria Y. Pillitteri

This bulletin summarizes the information found in NIST SP 800-37, Revision 2: Risk Management Framework for Information Systems and Organizations: A System Life Cycle Approach for Security and Privacy which provides guidelines for applying the RMF to

Assessing Security Requirements for Controlled Unclassified Information

June 13, 2018

Author(s)

Ronald S. Ross, Kelley L. Dempsey, Victoria Y. Pillitteri

An Introduction to Information Security

June 22, 2017

Author(s)

Michael Nieles, Kelley L. Dempsey, Victoria Y. Pillitteri

Organizations rely heavily on the use of information technology (IT) products and services to run their day-to-day activities. Ensuring the security of these products and services is of the utmost importance for the success of the organization. This

inf-TESLA: Multicast Delayed Authentication For Streaming Sensor Data in Electric Power Systems

June 1, 2016

Author(s)

Sergio Camara, Dhananjay Anand, Victoria Yan Pillitteri, Luiz F. Carmo

Multicast authentication of synchrophasor data is challenging due to the design requirements of electric power monitoring systems such as low security overhead, tolerance of lossy networks, time-criticality and high data rates. In this work, we propose inf

Multicast Delayed Authentication For Streaming Synchrophasor Data in the Smart Grid

May 30, 2016

Author(s)

Sergio Camara, Dhananjay Anand, Victoria Yan Pillitteri, Luiz F. Carmo

Multicast authentication of synchrophasor data is challenging due to the design requirements of Smart Grid monitoring systems such as low security overhead, tolerance of lossy networks, time-criticality and high data rates. In this work, we propose inf

Tailoring Security Controls for Industrial Control Systems

November 16, 2015

Author(s)

Victoria Y. Pillitteri, Larry Feldman, Gregory A. Witte

This bulletin summarizes the information presented in NIST SP 800-82, Rev 2: Guide to Industrial Control Systems (ICS) Security written by Keith Stouffer, Victoria Pillitteri, Suzanne Lightman, Marshall Abrams and Adam Hahn. The publication provides