Several years ago, the Federal Trade Commission (FTC) released a good video that is still highly relevent today. The video explains how companies can leverage NIST's Cybersecurity Framework to greatly improve security in their organization. In this article, we highlight the five key tenants from the framework and how they could have possibly prevented FTC action and penalties.
The National Institute of Standards and Technology (NIST) has issued new Security-Focused Configuration Management of Information Systems guidelines (SP 800-128).
The National Institute of Standards and Technology (NIST) has released a new Interagency/Internal Report (NISTIR) 8228, that includes guidelines for organizations in managing IoT cybersecurity and privacy risks. The NISTIR…
The Center for Internet Security (CIS) has released its new version 7.1 of the top 20 Critical Security Controls. The updated version includes new Implementation Groups designed to identify relevant CIS controls that are reasonable for an organization with a similar risk profile and available cybersecurity resources.
The National Institute of Standards and Technology (NIST) has releases its Security Publication (SP) 800-177 Revision 1, that include security guidelines and recommendations for achieving "trustworthy email".
The National Institute of Standards and Technology (NIST) has released its Security Publication (SP) 1800-4, that includes security guidelines for mobile device security in cloud and hybrid environments.
The National Institute of Standards and Technology (NIST) has released a new risk management framework guideline. NIST has named the document Security Publication (SP) 800-37 Rev. 2: "Risk Management Framework for Information Systems and Organizations: A System Life Cycle Approach for Security and Privacy."
The German government Federal Office for Information Security published technical security guidelines for broadband routers commonly used in Small Office and Home Office (SOHO) environments. The new guideline provides recommendations to manufacturers on designing and implementing routing products with "adequate state-of-the -art security features."
The Transport Layer Security (TLS) 1.3 has officially become a standard last week. The new TLS standard now offers improved privacy, security and performance to the internet security protocol.
A recent survey conducted by Tripwire revealed organizations are not fully adopting security controls from key benchmarks, such as the Center for Internet Security (CIS).