Tyco Security Products Technology Partner for NIST Cybersecurity Best Practices Guide for the Financial Services Sector

The National Institute of Standards and Technology (NIST) developed an IT asset management and cybersecurity best practices guide for the financial services sector. Tyco Security Products served as a collaborating vendor for the creation of this guide. The guide provides a comprehensive view of how to implement standards-based cybersecurity technologies to reduce vulnerabilities, improve response to security alerts and increase resilience. Security engineers and installers will find examples of installation, configuration and integration tips to increase cybersecurity resilience.

Cybersecurity Risk Factors

IT asset management (ITAM) lays the foundation for implementing an effective cybersecurity strategy. Consider risk factors like size, sophistication, risk tolerance and threat landscape. Often the challenge users face is tracking a diverse set of hardware and software. Lack of control over the entire system is another challenge companies confront. Many have several different third-party technologies and various contractors involved, which makes applying one standard across the products a challenge.

Financial Services NIST Cybersecurity Practice Guide

The guide details security characteristics and best practices for addressing security controls that should be considered by security program managers. Learn more about:

  • Managing assets connected to the enterprise network
  • Developing accountability
  • Detecting and alerting authorities
  • Developing software restriction policies
  • Tracking assets on the system
  • Reducing risk on data encryption, authentication, incident reporting, scanning and more

If you have feedback on the guide or further questions, email financial_nccoe@nist.gov.

The National Cybersecurity Center of Excellence, part of NIST, addresses businesses’ most pressing cybersecurity problems with practical, standards-based example solutions using commercially available technologies.

Download the guide.

Learn more about Tyco Security Products cyber protection pro

Cybersecurity Acronyms

As with any industry, there are a slew of acronyms that are used. Cybersecurity is no different. To completely understand the standards and best practices for cybersecurity, you must understand the various groups and terminology being used.

Tyco Security Products Cyber Protection Program

Developed over five years from providing critical solutions to the U.S. Government and other multi-national customers, Tyco Security Products Cyber Protection Program is one of the first in the industry to offer a holistic, six-part approach to cyber security for physical security products. We have effectively worked with government agencies to meet the appropriate standards and validations. Below is an explanation of many of the various cyber security groups and common terminology used.


Federal Information Processing Standards (FIPS) are a set of standards that describe document processing, encryption algorithms and other information technology standards for use within non-military government agencies and by government contractors and vendors who work with agencies.

Having a FIPS validation ensures that encryption is completed properly. Test results are validated by the United States National Institute of Standards and Technology (NIST), yet another acronym.


The Federal Information Security Management Act (FISMA) is United States legislation that defines a comprehensive framework to protect government information, operations and assets against threats. View the Tyco Security Products FISMA-ready configuration guidelines. These guidelines apply to Software House CCURE 9000 and American Dynamics victor video management system (VMS) software and VideoEdge network video recorders.


The North American Electric Reliability Corporation (NERC) is a non-profit organization that works with all stakeholders to develop standards for power system operation, monitoring and enforcing compliance with those standards.


NERC Critical Infrastructure Protection (CIP) consists of 9 standards and 45 requirements covering the security of electronic perimeters and the protection of critical cyber assets as well as personnel and training, security management and disaster recovery planning. View the Tyco NERC-CIP V5 ready configuration guidelines for Software House CCURE and iStar.


The Defense Information Systems Agency (DISA) is a United States Department of Defense (DoD) agency that provides information technology (IT) and communications support to any individual or system contributing to the defense of the United States.


A Security Requirement Guide (SRG) is a compilation of singular, actionable statements that comprise a security control or security best practice. An SRG is used by DISA field security operations and vendor guide developers to build security technical implementation guides (STIGs). I know we cannot stop with the acronyms. A STIG is a guide for implementing IT systems within the DoD. View the Tyco DISA security requirements for VideoEdge using the General Purpose Operating System SRG.


System Administration Networking and Security (SANS) released the Top 20 security vulnerabilities. These are security controls for protecting a network. VideoEdge and victor have been designed with the features needed to help our installers and users configure their networks to implement the SANS controls they elect.

Learn more about our cyber protection program.