The National Security Agency is developing cybersecurity guidelines to apply to its own systems and ultimately to any government or contractor network, according to sources familiar with the effort.
A 38-member team is drawing up the guidelines, which will be based on a list of 20 cybersecurity controls developed two years ago by an independent panel of government and nongovernment experts.
NSA spokesmen would neither confirm nor deny the program’s existence.
The original guidelines were designed to promote continuous network monitoring, but they were largely sidestepped by the Defense Department and contractors. Still, they generated intense debate in military security circles, leading to the NSA’s current project.
via Federal Times, continued here.