Standards & Guidelines

CIS Controls Version 8

The Center of Internet Security (CIS) in coordination with the SANS Institute and through a consortium of security experts, U.S. agencies such as the NSA, coordinated the CIS Controls Version 8 (formerly known as “Critical Security Controls” or CSC) to help simplify and prioritize list of controls that would have the greatest impact to an organization in improving risk posture against cyber threats.

CIS Controls Version 8 Read More »

NIST SP-800-53 Rev. 5: Security and Privacy Controls for Information Systems and Organizations

The National Institute of Standards and Technology (NIST) has issued the NIST SP 800-53 Rev.5. Security and Privacy Controls for Information Systems and Organizations. The Special Publication (SP) 800-53 provides cloud access control (AC) characteristics and a set of general access control guidance for cloud service models. An abstract from SP 800-53: This publication provides

NIST SP-800-53 Rev. 5: Security and Privacy Controls for Information Systems and Organizations Read More »

5 Good Cybersecurity Lessons Learned From FTC Law Enforcement Actions

Several years ago, the Federal Trade Commission (FTC) released a good video that is still highly relevent today. The video explains how companies can leverage NIST’s Cybersecurity Framework to greatly improve security in their organization. In this article, we highlight the five key tenants from the framework and how they could have possibly prevented FTC action and penalties.

5 Good Cybersecurity Lessons Learned From FTC Law Enforcement Actions Read More »

NIST SP 800-128: Security-Focused Configuration Management of Information Systems Guidelines

The National Institute of Standards and Technology (NIST) has issued new Security-Focused Configuration Management of Information Systems guidelines (SP 800-128).

NIST SP 800-128: Security-Focused Configuration Management of Information Systems Guidelines Read More »

NIST SP 800-52 Rev. 2: Guidelines for the Selection, Configuration, and Use of Transport Layer Security (TLS) Implementations

The National Institute of Standards and Technology (NIST) has released its Security Publication (SP) 800-52 Rev. 2: Guidelines for the Selection, Configuration, and Use of Transport Layer Security (TLS) Implementations.

NIST SP 800-52 Rev. 2: Guidelines for the Selection, Configuration, and Use of Transport Layer Security (TLS) Implementations Read More »