Constant technological progress means that IT Security is always evolving to keep up. The recent release of NIST SP 800-53a (rev 5) is a reminder of this. Staying current with security policy is tiring, but keeping up with it (and keeping ahead of the attacks that are evolving is just as fast) is essential.