Security News

NIST Privacy Framework 1.0: Manage privacy risk, demonstrate compliance
2020-01-20 05:30

The publication also provides clarification about privacy risk management concepts and the relationship between the Privacy Framework and NIST's Cybersecurity Framework. The NIST Privacy Framework is not a law or regulation, but rather a voluntary tool that can help organizations manage privacy risk arising from their products and services, as well as demonstrate compliance with laws that may affect them, such as the California Consumer Privacy Act and the European Union's General Data Protection Regulation.

NIST 800-171 & Why Organizations Need Password Similarity Blocking in Active Directory
2020-01-07 21:33

Other organizations are also adopting NIST password guidelines and security protocols because they reduce the risk for most organizations. It easy for administrators to enforce a minimum password complexity with the standard Active Directory functionality but enforcing a character changes is more complex.

NIST's New Biometrics Databases Offer Help With IAM
2019-12-20 17:03

Agency Also Releases Study on That Raises Concerns About Facial Recognition TechnologyThe National Institute of Standards and Technology has released three biometric datasets to help organizations...

4 Automated Password Policy Enforcers for NIST Password Guidelines
2019-11-19 21:34

Automate Screening of Exposed Passwords and Password Policy EnforcementHere are four automated password policy options we recommend for NIST compliance.

Getting Ready for the NIST Privacy Framework
2019-11-06 17:03

By year's end, the National Institute of Standards and Technology should be ready to publish the first version of its privacy framework, a tool to help organizations identify, assess, manage and...

HITRUST CSF 9.3 adds CCPA, SCIDSA, and NIST SP 800-171 authoritative sources
2019-10-28 04:15

HITRUST, a leading data protection standards development and certification organization, announced the availability of version 9.3 of the HITRUST CSF information risk and compliance management...

NIST and Microsoft Partner to Improve Enterprise Patching Strategies
2019-10-11 15:14

The National Institute of Standards and Technology (NIST) and Microsoft this week announced a joint effort aimed at helping enterprises improve their patching strategies.  read more

NIST's Zero Trust Taxonomy Introduces Components, Threats and Migration Routes
2019-10-07 14:24

NIST has published a draft Zero Trust Architecture (ZTA) special publication (SP.800.207). The purpose is to develop a technology-neutral lexicon of the logical components of a zero trust...

NIST to Finalize Privacy Framework Soon
2019-09-25 15:18

Agency Now Accepting Comments on Latest DraftThe National Institute of Standards and Technology expects to release its much anticipated privacy framework by year's end. It's now accepting comments...

NIST Issues Draft Guidance for Securing PACS
2019-09-17 20:33

Tips on Keeping Picture Archiving and Communications Systems SecureNew draft guidance from the National Institute of Standards and Technology aims to help healthcare organizations improve the...