NIST Sends Security Plan Guide Update to OMB

Yesterday the OMB’s Office of Information and Regulatory Affairs announced that it had received a proposed revision for NIST SP 800-18, Guide for Developing System Security Plans, for review. This guide for federal information-system security planners was originally published in 1998 and updated in 2006. It will be a while before OIRA approves this document and we see an official version.

A lot has changed in the IT security world since 2006; new technologies and vulnerabilities. This should be a major re-write. The (okay 'a') big question is: will they address OT security for building control systems and security systems for data centers?