Standards & Guidelines

CIS Controls Version 7.1 released

The Center for Internet Security (CIS) has released its new version 7.1 of the top 20 Critical Security Controls. The updated version includes new Implementation Groups designed to identify relevant CIS controls that are reasonable ...
Read More
/ 800-53, CIS, CIS v7.1, Cybersecurity Articles, NIST, Security, Security Monitoring, Small Business Security, Standards, Standards & Guidelines, Top 20 CIS Controls

FIPS 140-3: Security Requirements for Cryptographic Modules

The Federal Information Processing Standards (FIPS) has issued the FIPS 140-3 Security Requirements for Cryptographic Modules. The National Institute of Standards and Technology (NIST) has developed FIPS, a set of standards and guidelines, in accordance with ...
Read More
/ Cryptography, FIPS, NIST, Standards & Guidelines
hacking, security, cyber-4038037.jpg

NIST SP 800-177: New Email Security Guidelines To Combat Phishing Threats

The NIST standard, SP 800-177 Revision 1, Trustworthy Email was released February 2019 and offers up-to-date security guidance to include SPF, DKIM, DMARC, and email digital signatures and encryption (via S/MIME), among others. Update: SP 800-177 Revision 1 ...
Read More
/ Crypto, Cryptography, Cryptography, DKIM, DMARC, Messaging Security, NIST, SHA-256, SP 800-177, SPF, SSL, Standards & Guidelines, TLS

NIST SP 800-177 Revision 1: “Trustworthy Email”

The National Institute of Standards and Technology (NIST) has released its Security Publication (SP) 800-177 Revision 1, that includes security recommendations for achieving "Trustworthy Email." SP 800-177 Rev 1 includes updated guidelines for securing email ...
Read More
/ 800-177, authentication, Cryptography, Cybersecurity Articles, DKIM, DMARC, email, encryption, Messaging, Messaging Security, NIST, SPF, Standards & Guidelines, TLS

NIST SP 1800-4: Mobile Device Security

The National Institute of Standards and Technology (NIST) has released its Security Publication (SP) 1800-4, that includes security guidelines for mobile device security in cloud and hybrid environments. SP 1800-4 document titled "Mobile Device Security: ...
Read More
/ BYOD, CAG 20, Cybersecurity Framework, Data Privacy, ISO 27002, mobile, Mobile Security, NIST, SP 800-1400, SP 800-53, Standards & Guidelines

NIST SP 800-37 Rev. 2: Risk Management Framework for Information Systems and Organizations

The National Institute of Standards and Technology (NIST) has released a new risk management framework guideline. NIST has named the document Security Publication (SP) 800-37 Rev. 2: "Risk Management Framework for Information Systems and Organizations: ...
Read More
/ Application Security, NIST, Privacy, Risk, RMF, Server Security, SP 800-37, Standards & Guidelines, Third-Party Security

PCI DSS 3.2.1 Security Standard update

The PCI Security Standards Council (PCI SSC) has published a minor revision to the PCI Data Security Standard (PCI DSS) for organizations that handle branded credit cards from the major card networks. The latest version ...
Read More
/ Cryptography, Data Security Standards, DSS 3.2.1, MFA, PCI, PCI DSS, SSL, Standards & Guidelines, TLS, TLS 1.2

PCI security standards for mobile point of sale

The PCI Security Standards Council (PCI SSC) announced a new PCI Security Standard for software-based PIN entry on commercial off-the-shelf devices (COTS), to include smartphones and tablets. According to the press release on Wednesday, the PCI Software-Based PIN ...
Read More
/ EMV, mobile, Mobile Security, PCI, SCRP, Security, SPoC, Standards, Standards & Guidelines