The National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53 provides guidance for the selection of security and privacy controls for federal information systems and organizations. Published by the National Institute of Standard and Technology, the publication details items from the Risk Management Framework that address security controls required to meet requirements in the Federal Information Processing Standard (FIPS) 200. Revision 4 is the most comprehensive update since the initial publication. Revision 4 was motivated principally by the expanding threat space and increasing sophistication of cyber-attacks. Major changes include new security controls and control enhancements to address advanced persistent threats (APTs), insider threats, and system assurance; as well as additions to address technology trends such as mobile and cloud computing. Critical to certification for meeting FIPS, is the implementation of security controls from NIST 800-53, Appendix F. Focusing on the capabilities needed to meet these requirements, this paper provides background about Thales Trusted Cyber Technologies’s (TCT) Data Security Platform and the Transparent Encryption product that is delivered through that platform. It further details a mapping of the Thales TCT product line’s capabilities against these NIST security controls, first with an initial summary for each Family Area (in the form of a table), and then with expanded details of how these controls are delivered.

Download Now