Leveraging Knowledge to Manage Your Data Risks
This month, the National Institute of Standards and Technology (NIST) announced in a Bulletin that it has updated its Digital Identity Guidelines, which “provides agencies with technical guidelines regarding the digital authentication of users to federal networked systems.”
The Bulletin outlines the components of digital identity—identity proofing, authentication and federation for federal agencies to use…
The National Institute of Science and Technology (NIST) has long been a leading authority in Cybersecurity—even before Cybersecurity became a household name.
It originally published its Cybersecurity Framework-intended not to be a standard, but to offer guidance—to all industries on how to begin to tackle data security.
As cyber threats expand and become more sophisticated,…
I feel like I have been writing about Passwords over and over and that’s because I have. Despite hearing about how important passwords are over and over again, compromised passwords continues to be an issue for organizations.
Since the National Institute of Science and Technology (NIST) recently published new guidance and is recommending the use…
New guidance from the Office for Civil Rights (OCR) urges covered entities and business associates to use Secure Hypertext Transport Protocol (HTTPS) to protect communications from vulnerabilities.
According to OCR, the vulnerability can be introduced by the use of products that inspect HTTPS traffic. These products are used to detect malware or unsafe connections, which…
The National Institute of Standards and Technology (NIST) has issued an update to its Framework for Improving Critical Infrastructure Cybersecurity, which includes information relating to managing supply chain risks, measuring methodology and reducing cybersecurity risks to organizations.
The new guidance includes feedback that NIST has received following the release of the Framework in 2012,…
The National Institute of Standards and Technology (NIST) recently released guidance for the makers of devices that use or are connected to the Internet to build robust security measures into the design of products from the get-go.
The Guidance—NIST Special Publication 800-160, is the culmination of four years of research, and focuses on…
We often hear from small businesses that they do not believe they can be a “target” of hackers, or that they are at risk of a cyber intrusion. This thought is naïve as small businesses are at risk of cyber intrusions, and due to the fact that they do not have the resources to protect…
The National Institute of Standards and Technology (NIST) has teamed up with the United States Coast Guard(USCG) and private industry to issue a new cybersecurity document that will assist the maritime industry in securing the transportation of hazardous liquids in ports around the United States.
The document is in response to the recognition that the…
We consistently comment about the importance of educating the next generation of students on cybersecurity. The earlier the better, as far as I am concerned-as early as the third grade. There is a dearth of cybersecurity talent in the U.S. and it is one of the fastest growing fields for job opportunities.
Because cybersecurity is…
On Monday, October 24, 2016, the Department of Transportation’s National Highway Traffic Safety Administration (NHTSA) issued proposed cybersecurity guidance to the auto industry, including auto manufacturers and designers and manufacturers of vehicle systems and software, designed to assist the industry in developing best practices to safeguard vehicles’ systems against cyber-attacks and to protect the data…
