5 Good Cybersecurity Lessons Learned From FTC Law Enforcement Actions

Several years ago, the Federal Trade Commission (FTC) released a good video that is still highly relevent today. The video explains how companies can leverage NIST's Cybersecurity Framework to greatly improve security in their organization. In this article, we highlight the five key tenants from the framework and how they could have possibly prevented FTC action and penalties.

Continue Reading 5 Good Cybersecurity Lessons Learned From FTC Law Enforcement Actions

NIST SP 800-128: Security-Focused Configuration Management of Information Systems Guidelines

The National Institute of Standards and Technology (NIST) has issued new Security-Focused Configuration Management of Information Systems guidelines (SP 800-128).

Continue Reading NIST SP 800-128: Security-Focused Configuration Management of Information Systems Guidelines

NISTIR 8228: Considerations for Managing Internet of Things (IoT) Cybersecurity and Privacy Risks

The National Institute of Standards and Technology (NIST) has released a new Interagency/Internal Report (NISTIR) 8228, that includes guidelines for organizations in managing IoT cybersecurity and privacy risks. The NISTIR…

Continue Reading NISTIR 8228: Considerations for Managing Internet of Things (IoT) Cybersecurity and Privacy Risks

New CIS Controls Version 7.1 released

The Center for Internet Security (CIS) has released its new version 7.1 of the top 20 Critical Security Controls. The updated version includes new Implementation Groups designed to identify relevant CIS controls that are reasonable for an organization with a similar risk profile and available cybersecurity resources.

Continue Reading New CIS Controls Version 7.1 released

NIST SP 800-37 Rev. 2: Risk Management Framework for Information Systems and Organizations

The National Institute of Standards and Technology (NIST) has released a new risk management framework guideline. NIST has named the document Security Publication (SP) 800-37 Rev. 2: "Risk Management Framework for Information Systems and Organizations: A System Life Cycle Approach for Security and Privacy."

Continue Reading NIST SP 800-37 Rev. 2: Risk Management Framework for Information Systems and Organizations

Germany Publishes New Broadband Router Security Guidelines

The German government Federal Office for Information Security published technical security guidelines for broadband routers commonly used in Small Office and Home Office (SOHO) environments. The new guideline provides recommendations to manufacturers on designing and implementing routing products with "adequate state-of-the -art security features."

Continue Reading Germany Publishes New Broadband Router Security Guidelines