One year ago today, the National Institute of Standards and Technology released the Framework for Improving Critical Infrastructure Cybersecurity — a set of voluntary guidelines designed to help raise ...

In the absence of federal cybersecurity and data privacy laws, companies have to look to other sources of guidance, including industry standards, and state laws. The National Institute of Standards ...

The dramatic rise in ransomware attacks and the SolarWinds Orion hack have thrust cybersecurity back into the spotlight. With everyone a target, it's time for organizations to implement cybersecurity ...

The National Institute of Standards and Technology (NIST) has released its first draft update (the “Draft Update,” available with and without markup here) to its 2014 Framework for Improving Critical ...

Richard (Rick) P. Tracy is chief security officer and senior vice president at Telos Corporation, a continuous security solutions and services provider. It’s been three months since President Donald ...

The world’s leading cybersecurity guidance is getting its first complete makeover since its release nearly a decade ago. After considering more than a year’s worth of community feedback, the National ...

The newest draft of the National Institute of Standards and Technologies' cybersecurity framework emphasizes integrating cybersecurity into companies' core governance functions and offers guidance on ...

Last month, NIST released their long-awaited new version 1.1 of the Cybersecurity Framework (CSF). According to the NIST website: “This voluntary Framework consists of standards, guidelines, and best ...

Enterprise security teams continually assess shifting security concerns and implement mitigating controls to reduce the organization's risk. However, with the pressing need to respond to threats, many ...

NIST's recently released Cybersecurity Framework version 1.1 showcases the Institute’s expanding role and the reliance of lawmakers on its guidance. While this should be welcomed given NIST’s rigorous ...

Organizations rely heavily on SAP systems and applications to run crucial business processes; securing these systems against cyber-attacks is vital. While several cybersecurity frameworks exist to ...

First introduced nearly a decade ago as technical cybersecurity guidance for critical infrastructure interests like energy, banking, and hospitals, the National Institute for Standards and Technology ...