Categories: Government

NIST Special Publication 800-12, An Introduction to Information Security, June 2017

Background

The Information Technology Laboratory (ITL) at the National Institute of Standards and Technology (NIST) promotes the U.S. economy and public welfare by providing technical leadership for the Nation’s measurement and standards infrastructure. ITL develops tests, test methods, reference data, proof of concept implementations, and technical analyses to advance the development and productive use of information technology. ITL’s responsibilities include the development of management, administrative, technical, and physical standards and guidelines for the cost-effective security and privacy of other than national security-related information in federal systems. The Special Publication 800-series reports on ITL’s research, guidelines, and outreach efforts in systems security as well as its collaborative activities with industry, government, and academic organizations.

Organizations rely heavily on the use of information technology (IT) products and services to run their day-to-day activities. Ensuring the security of these products and services is of the utmost importance for the success of the organization. This publication introduces the information security principles that organizations may leverage to understand the information security needs of their respective systems.

This publication serves as a starting-point for those new to information security as well as those unfamiliar with NIST information security publications and guidelines. The intent of this special publication is to provide a high-level overview of information security principles by introducing related concepts and the security control families (as defined in NIST SP 800-53, Security and Privacy Controls for Federal Information Systems and Organizations) that organizations  an
leverage to effectively secure their systems1 and information. To better understand the meaning and intent of the security control families described later, this publication begins by familiarizing the reader with various information security principles.

Continue scrolling for more...

After the introduction of these security principles, the publication provides detailed descriptions of multiple security control families as well as the benefits of each control family. The point is not to impose requirements on organizations, but to explore available techniques for applying a specific control family to an organization’s system and to explain the benefit(s) of employing the selected controls.

Since this publication provides an introduction to information security, detailed steps as to how security controls are implemented or how to check for security control effectiveness are not included. Rather, separate publications that may provide more detailed information about a specific topic will be noted as a reference.

The Document

 NIST Special Publication 800-12, An Introduction to Information Security, June 2017 [101 Pages, 1.7MB]

https://documents.theblackvault.com/documents/commercedept/nist.sp.800-12r1.pdf

 

Follow The Black Vault on Social Media:

This post was published on March 7, 2018 7:50 am

John Greenewald

Recent Posts

The DoD Inspector General’s Evaluation of the DoD’s Actions Regarding Unidentified Aerial Phenomena

This article was originally written in August 2024. However, additional document releases related to these…

July 15, 2025

Do Not Respond: Pentagon Staff Instructed to Ignore The Black Vault’s UAP Inquiry

The Department of Defense (DoD) has released 151 pages of internal records related to the…

July 15, 2025

U.S. Government Confirms Multiple Drone Incursions Over Pantex Nuclear Facility; Newly Released Documents Reveal Previously Unreported Security Events

The U.S. Department of Energy (DOE) has released a series of previously undisclosed documents confirming…

July 12, 2025

Air Force Confirms Drone Swarms Over Wright-Patterson AFB Led to Airspace Shutdown; Videos and Reports Released

Newly released Air Force records confirm that Wright-Patterson Air Force Base (WPAFB) in Ohio experienced…

July 11, 2025

Navy Withheld Nearly 500 Pages About UAP Video Release Decision, Records Show FOIA Pressure Drove Disclosure

Newly released documents obtained through the Freedom of Information Act (FOIA) reveal that the U.S.…

July 9, 2025

CIA Mishandles UFO Files Again: Intelligence on Soviet UFO Reports Lost Forever

The CIA’s history of losing or mismanaging UFO-related records continues with yet another example, this…

July 7, 2025