Embed Size (px)
Citation preview
2
10
3
CUI
2010 11 913556
ClassifiedCUI Controlled Unclassified
InformationCUI
NARA CUICUI CUI
CUI
NARA
*1
4
NIST
National Institute of Standards and Technology, NIST
SP800-53 20156 CUI
SP800-53 SP800-171 2016 5 14
CUINIST SP800-171
FAR 52.204-21 914 CUI
SP800-171CUI
32 CFR 2002.14 2016 10
NIST SP800-171CUI
DFARS 252.204-70122017 12 31
72
NIST SP800-171System Security Plan, SSP Plan
of Action and Milestones, POA&M
NIST SP800-171
2,500AIAG: Automotive Industry Action
Group 2018 5 2NIST SP800-171
NERC: North American Electric Reliability Corporation NIST
CUI 2010 11 9 (Executive Order)13556
180 CUI
CUI 2015 6 CUI NIST SP800-171
2016 5 14 (FAR)52204-21
2016 9 14 32 (CFR)2002.14
2016 10 DFARS 252.204-7012 CUI
2017 12 31 NIST SP800-171
SP800-171
5
NIST SP800-171
5
NIST NIST CSF (Cybersecurity Framework) 5
5
*2 NIST National Cybersecurity Center of Excellence
6
IoTICT
7
Society5.0
CUI
CUI
CUI
2020 3*3
NIST
http://www.meti.go.jp/committee/kenkyukai/shoujo/sangyo_cyber/wg_1/pdf/001_04_00.pdf *3
8
Cloud Service Provider: CSP
FedRAMP: Federal Risk and Authorization Management Program
FedRAMP
FedRAMP HP FedRAMP MARKET PLACE
https://marketplace.fedramp.gov/#/products?status=Compliant&sort=productName
FedRAMP Concept of Operations http://www.gsa.gov/portal/getMediaData?mediaId=154239
9
DoD IG: DoD Inspector General Logical and Physical Access Controls at Missile Defense Agency
Contractor Locations 2017 312
BMDSUCTI DFARS
NIST SP800-171
MDA 7
NIST SP800-171
(SP800-171/53 )
5/7
4/7
7/7
1/7
1/7
5/7
5/7
5/7
4/7
DoD IG 7 SP800-171/53
7
DoD IG[Logical and Physical Access Controls at Missile Defense Agency Contractor Locations] https://media.defense.gov/2018/Apr/02/2001898150/-1/-1/1/DODIG-2018-094.PDF
10
NIST
SP800-171SP800-53
NIST CSF NIST
CSP
NIST SP800-171
11
CUI
DHS
IoT
CUI CUI
NARA National Archives https://www.archives.gov/cui/registry/category-list
12
ISO27001
NIST70%
70%
SP800-171
3.6
3.13
3.8
3.12
3.3
3.11 3.9
3.2
3.14
3.5 3.4
3.10
3.1
3.7
77 33
13
NIST SP800-171 9
1 9
NIST SP800-171
"SP800-171"
1 CUI
CUICUI
CUICUI
2 CUI
1 CUI
CUI
CUI CUI
ISO27001 ISMS
3
CUINIST
4 SP800-171
CUI
SP800-171
SP800-171SP800-171
5 SP800-171
SP800-171
14
SP800-171
171Go/NoGo
6 SP800-171
7 SP800-171
SP800-171
National Vulnerability Database, NVD
8 SP800-171
SP800-171
NIST SSP System Security Plan
9 SP800-171 SP800-171
SP800-171
SP800-171
SP800-171
1 CUI CUICUI
CUI
2 CUI CUI
CUI
3 CUI NISTNIST CSF
NIST
4 SP800-171
CUI 171
SP800-171
5 SP800-171 SP800-171
SP800-171
6 SP800-171 ( )
SP800-171
7 SP800-171 SP 800-171
SP800-171
8 SP800-171 SP 800-171171
SSP
9 SP800-171 SP800-171
NIST SP800-171
15
2016 11
35
2016 10 FedRAMP NIST SP800 S/W H/W
2017 6 S/W H/W
16
DT
40 11,000 Web www.deloitte.com/jp
Deloitte
150
Fortune Global 500® 8 Making an impact that matters245,000 Facebook LinkedIn Twitter
Deloitte
DTTLDTTL DTTL Deloitte
Global Deloitte www.deloitte.com/jp/about
Member of Deloitte Touche Tohmatsu Limited © 2018. For information, contact Deloitte Tohmatsu Consulting LLC.
E-mail : [email protected]/jp/dtc/
![>Q>0>6>+>P>/ g î¡ è%± þ w 4 v 1 Â iG-04-0305-02).pdf · g9g^g 4 gkgxgggogzg g]g2gdgwg gog 3ñ Â (9) 2a 5 250 g è w (10) g8g g^g gig gy º x 10 º h h25 b]h ìh (11) !l è](https://img.pdfslide.us/doc/110x75/5ec416909cf111271f3cdc1e/q06p-g-w-4-v-1-i-g-04-0305-02pdf.jpg)
![õÜ ôà X4õÜ 0ø¬m, °ô i, a D ½D i · 2021. 1. 22. · o9p];ñp _ug 8t+Ý951à6ùgfx7È ñ/xg2l.´g8g o$ 88ag8 p gggg.¸ 1à6ù7$$øo 02l d 8p $-g d 98g d ø +Ý951à6ù/x](https://img.pdfslide.us/doc/110x75/60bb410f68e95a043f6340f8/oe-x4oe-0m-i-a-d-d-i-2021-1-22-o9pp-ug-8t9516gfx7.jpg)
![ç ô 2 º 9 v 2! w 1 [ 1 L 3〦 · 1 L'¨76 ¶ ¹ $ ( $ (b4E õ_X8Z ¶ ¹ $ ( $ ( ` ] t Ê c ç ô2 º11 v21 ¥ vWZ õ @ 6 ¢M b [Qb õ $ (_ b* 4E õKS8?} ¶ » ( 2( Û ô25](https://img.pdfslide.us/doc/110x75/601cd194e5ad5927a0291600/-2-9-v-2-w-1-1-l-3-1-l76-b4e-x8z-.jpg)
