Market Overview

New Xacta 360 Application Operationalizes NIST Cybersecurity Framework v1.1


Organizations can quickly establish and orchestrate cyber risk
management and self-assessment activities enterprise-wide

Telos® Corporation, a leading provider of continuous IT security
solutions and services for the world's most security-conscious
organizations, today announced a new application for its Xacta® 360
cyber risk management platform that streamlines execution of the NIST
Cybersecurity Framework (CSF) and automates associated reporting.

"Organizations around the world are gaining much greater awareness of
their cyber risk posture by implementing the CSF," said Rick Tracy,
Telos chief security officer and co-inventor of Xacta. "By automating
data gathering and reporting, Xacta 360 greatly reduces time to deploy a
CSF-based cyber risk management program, helps ensure accuracy and
completeness of self-assessment activities, and allows for greater
awareness of cyber risk objectives and outcomes."

This new cyber risk management application for Xacta 360 accounts for
all elements of the CSF – core, implementation tiers, current and target
profiles, and gaps – and steps the organization through the seven-step
gap assessment process.

"The beauty of the CSF," Tracy continued, "has always been its ability
to organize cyber risk information in a way that is understood from the
server room to the boardroom. Xacta 360 now automates the packaging and
presentation of cyber risk objectives and gaps for prioritization and

In 2013, President Barack Obama issued an executive order requiring the
National Institute of Standards and Technology (NIST) to develop the CSF
to secure systems associated with critical infrastructure. Originally
intended for use by organizations operating within the sixteen sectors
designated critical infrastructure by Department of Homeland Security,
many other industries and approximately twenty nations have embraced the
CSF standard. By executive order in May 2017, President Donald Trump
also called for its mandatory use by agencies of the U.S. federal

Telos has mapped other security requirements and control frameworks to
the CSF core, including NIST Special Publication 800-171 for protecting
controlled unclassified information, NIST SP 800-161 for supply chain
security, and the European Union's General Data Protection Regulation
(GDPR), allowing organizations to leverage the benefits of the CSF for
various self-assessment requirements. The application can also support
self-assessments for ISO 27001 and NIST SP 800-53, if desired.

Xacta 360 auto-generates standard NIST documentation such as system
security plans (SSP) and plans of action and milestones (POA&M), as well
as compliance score cards for supported regulations and frameworks.
Custom documentation can also be defined and generated by the user with
minimal effort.

A platform agnostic solution, Xacta 360 streamlines compliance for
systems operating in any environment – on-premises, in the cloud or
hybrid. For systems hosted by Amazon Web Services (AWS), Xacta 360 can
scan the accounts and services being used to establish an inventory and
monitor these resources to ensure continuous compliance of those
inventories and configurations. Combined with Xacta Continuum®, Xacta
360 can ingest on-premises asset data for inventory and continuous

Whether or not an organization is required to gain authorization to
operate, Xacta 360 is an effective solution to manage cyber risk. The
new CSF application helps users orchestrate a robust enterprise cyber
risk and compliance management process.

About Xacta

In 2000, Telos revolutionized certification and accreditation with the
release of Xacta Web C&A to automate labor-intensive manual tasks.
Ongoing research and development over the coming years resulted in the
2014 release of Xacta Continuum for continuous monitoring and Xacta
Compliance Campaign Manager in 2015 to address manual procedural
controls. In June 2017, Telos
launched Xacta 360
to streamline security compliance and empower a
360-degree view of the threat landscape and deliver powerful new
capabilities that help enterprises cut the time needed to develop the
body of evidence necessary to assure compliance with rigorous security
standards. Xacta 360 offers specialized applications for the NIST Risk
Management Framework, (RMF) and the Federal Risk and Authorization
Management Program (FedRAMP) as well as the CSF. Telos recently
announced the upcoming release of, which represents the next
generation of cyber risk management

About Telos Corporation

empowers and protects the world's most
security-conscious organizations with solutions and services for
continuous security assurance of individuals, systems and information.
Telos' offerings include cybersecurity solutions and services for IT
risk management and information security; secure mobility to protect
globally connected organizations; and identity management to establish
trust in personnel and continuously monitor for insider threats. The
company serves military, intelligence and civilian agencies of the
federal government, allied nations and commercial organizations around
the world. In 2017, Telos was recognized as a leading cybersecurity
company, evidenced by a top 25 ranking on the global Cybersecurity
list. The company is also a 2017 recipient of the prestigious James
S. Cogswell Outstanding Industrial Security Achievement Award
the Defense Security Service (DSS), awarded to less than .03% of
eligible organizations. For more information, visit
and follow us on Twitter @TelosNews.

View Comments and Join the Discussion!