5 Good Cybersecurity Lessons Learned From FTC Law Enforcement Actions
Several years ago, the Federal Trade Commission (FTC) released a good video that is still highly relevent today. The video explains how companies can leverage NIST's Cybersecurity Framework to greatly improve security in their organization ...
Read More
Read More
NIST SP 800-128: Security-Focused Configuration Management of Information Systems Guidelines
The National Institute of Standards and Technology (NIST) has issued new Security-Focused Configuration Management of Information Systems guidelines (SP 800-128). The Special Publication (SP) 800-128 provides updated guidance to help organizations securely configure (or “harden”), ...
Read More
Read More
NIST SP 800-52 Rev. 2: Guidelines for the Selection, Configuration, and Use of Transport Layer Security (TLS) Implementations
The National Institute of Standards and Technology (NIST) has released its Security Publication (SP) 800-52 Rev. 2: Guidelines for the Selection, Configuration, and Use of Transport Layer Security (TLS) Implementations. NIST SP 800-52 Rev. 2 ...
Read More
Read More
NISTIR 8228: Considerations for Managing Internet of Things (IoT) Cybersecurity and Privacy Risks
The National Institute of Standards and Technology (NIST) has released a new Interagency/Internal Report (NISTIR) 8228, that includes guidelines for organizations in managing IoT cybersecurity and privacy risks. The NISTIR 8228 report titled “Considerations for ...
Read More
Read More
New CIS Controls Version 7.1 released
The Center for Internet Security (CIS) has released its new version 7.1 of the top 20 Critical Security Controls. The updated version includes new Implementation Groups designed to identify relevant CIS controls that are reasonable for an organization with ...
Read More
Read More
NIST SP 800-177 Revision 1: “Trustworthy Email”
The National Institute of Standards and Technology (NIST) has released its Security Publication (SP) 800-177 Revision 1, that includes security recommendations for achieving "Trustworthy Email." SP 800-177 Rev 1 includes updated guidelines for securing email ...
Read More
Read More
NIST SP 1800-4: Mobile Device Security
The National Institute of Standards and Technology (NIST) has released its Security Publication (SP) 1800-4, that includes security guidelines for mobile device security in cloud and hybrid environments. SP 1800-4 document titled "Mobile Device Security: ...
Read More
Read More
NIST SP 800-37 Rev. 2: Risk Management Framework for Information Systems and Organizations
The National Institute of Standards and Technology (NIST) has released a new risk management framework guideline. NIST has named the document Security Publication (SP) 800-37 Rev. 2: "Risk Management Framework for Information Systems and Organizations: ...
Read More
Read More
Many organizations lacking adoption of key CIS controls
A recent survey conducted by Tripwire revealed organizations are not fully adopting security controls from key benchmarks, such as the Center for Internet Security (CIS). CIS established the "top 20" set of critical security controls ...
Read More
Read More
PCI DSS 3.2.1 Security Standard update
The PCI Security Standards Council (PCI SSC) has published a minor revision to the PCI Data Security Standard (PCI DSS) for organizations that handle branded credit cards from the major card networks. The latest version ...
Read More
Read More