NIST Continues to Sponsor InfoBeyond’s CSAT -- A Cybersecurity Framework Tool -- Production and Commercialization

All Federal and Safety-critical information systems (e.g., HIPAA) are mandatory to manage the information security risk in compliance with the Federal Information Systems Management Act (FISMA) of 2014 and May 2017 Presidential Executive Order on Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure. This requires all these cloud, IoT, networks, and other information systems to implement necessary security and privacy controls identified in NIST SP 800-53 specifications.

For strengthen risk management compliance, NIST (National Institute of Standards and Technology) has awarded Infobeyond to develop a tool, namely, Cloud Security Architecture Tool (CSAT) in 2018. This tool leverages the Cybersecurity Framework (CSF) to identify the NIST SP 800-53 security and privacy controls for cloud-based information systems by identifying the necessary functional capabilities the system needs to provide to support the organization’s mission and the service the system is designed for.

As the latest news from NIST small business office, InfoBeyond is further awarded a two-year program from 2019 to 2021 for the continuation of the tool development and commercialization.

“Under this support, InfoBeyond plans to provide a viable tool by June 2020 such that Federal agencies and organizations can benefit from it to enhance their system risk management capability,” said Bin Xie, Ph.D., CEO of InfoBeyond.

CSAT is originally prototyped by NIST as an open source toolkit:

https://github.com/usnistgov/CloudSecurityArchitectureTool-CSAT

NIST’s CSAT is a great success as an initial tool to assist agencies to implement integrated, organization‐wide programs to manage information security risk. On the other hand, NIST’s CSAT still needs further improvement and implementation of new functions such that it can be commercialized as an Enterprise-grade product.

Compared to NIST’s CSAT, InfoBeyond’s CSAT presents new software and system designs to offer a user‐friendly, efficient, reliable, and generic CSAT tool delivered as:

  • (i) An Enterprise CSAT standalone version
  • (ii) A CSAT Cloud version.

Please visit the following link for a lite free version:

https://csat.infobeyondtech.com/#/login

InfoBeyond’s CSAT is built over a Java Spring and Angular Web –based architecture to support state-of-the-art operational flexibility through user-friendly GUI. In such an architecture, InfoBeyond’ CSAT focuses on:

  • (i) Enhancement of the existing NIST's CSAT functions
  • (ii) Implementation of new functions.

For example, it enhances the NIST’s CSAT functions, such as report composition and generation, heatmap, and user interfaces. Meanwhile, our CSAT implements new features, e.g., collaborative user mode for generating the guideline report. All these improvements and the new features facilitate government agencies’ adoption of secure cloud solution effectively. Please visit https://csat.infobeyondtech.com/ product page for more information.