The Federal Information Processing Standard (FIPS) 199 provides organizations and individuals with the necessary guidance to determine a cybersecurity threat’s impact level accurately. These impact levels define the level of security a system should have to protect the data contained therein adequately.

This article will take you through an overview of FIPS 199 and how it can help you understand the three categories of impact levels, define terms used in FIPS 199, assess the impact of a cybersecurity threat, and provide best practices for interpreting results and mitigating risk.

Awareness

What Are Federal Information Processing Standards (FIPS)?

Mar 15, 2023 Continuum GRC 0 Comment

Federal Information Processing Standards (FIPS) are essential for federal agencies and contractors to ensure the security of sensitive information, such as classified data, personally identifiable information, and financial data.

This article will describe some of the most common FIPS security standards, their importance, and how federal agencies and contractors use them. We will also discuss the recent updates to FIPS security standards, such as FIPS 140-3 and FIPS 186-5, and how they impact federal information security.

Awareness Frameworks

FedRAMP and FIPS-Defined Impact Levels

Dec 28, 2022 Continuum GRC 0 Comment

One of the foundational pieces of information that a cloud provider needs to know when preparing for their FedRAMP Authorization is the required Impact Level. These levels aren’t generic labels applied by agencies to highlight the importance of their data–they are clearly-defined categories laid out by the National Institute of Standards and Technology (NIST) to structure security requirements.