Security News

NIST Cybersecurity Framework: A Quick Guide for SaaS Security Compliance
2022-01-06 08:11

The framework enables organizations to improve the security and resilience of critical infrastructure with a well-planned and easy-to-use framework. Although the CSF was written and updated while SaaS was on the rise, it is still geared towards the classic legacy critical infrastructure security challenges.

eBook: Using NIST guidelines for secure passwords
2021-11-23 03:45

Designing and implementing a password policy that responds directly to NIST guidelines is a crucial step in locking down your company's security. Enzoic for Active Directory achieves password security in line with NIST by enabling real-time password policy enforcement and daily password auditing with automated remediation.

eBook: Using NIST guidelines for secure passwords
2021-11-10 13:34

Designing and implementing a password policy that responds directly to NIST guidelines is a crucial step in locking down your company's security. Enzoic for Active Directory achieves password security in line with NIST by enabling real-time password policy enforcement and daily password auditing with automated remediation.

Break into the cybersecurity field by learning the NIST risk management framework
2021-11-04 10:02

Cybersecurity is a lucrative field, and you don't have to spend years learning all the various aspects of it. If you are an advanced IT professional, you can actually break into it with very specialized training, such as the NIST Cybersecurity & Risk Management Frameworks course.

NIST selects Ivanti on Implementing A Zero Trust Architecture project
2021-07-27 23:15

Ivanti announced that it has been selected by the National Institute of Standards and Technology's National Cybersecurity Center of Excellence to participate as a collaborator in the Implementing A Zero Trust Architecture project. The goal of the project is to build zero trust security architectures to help organizations mitigate cybersecurity risk.

Radiant Logic participates in NIST’s NCCoE Zero Trust Architecture project
2021-07-27 23:10

Radiant Logic announced that it has been selected by the National Institute of Standards and Technology's National Cybersecurity Center of Excellence to contribute critical identity capabilities to their new Zero Trust Architecture project. This week it was announced that a select group of technology collaborators, including Radiant Logic, were chosen to work with NIST's NCCoE to develop several approaches to a zero trust architecture-applied to a practical, general purpose enterprise IT infrastructure-which will be designed and built according to the concepts and tenets documented in NIST Special Publication 800-207, Zero Trust Architecture.

CISA, NIST Provide New Resource on Software Supply Chain Attacks
2021-04-27 11:39

The software supply chain is part of the information and communications technology supply chain framework, which represents "The network of retailers, distributors, and suppliers that participate in the sale, delivery, and production of hardware, software, and managed services," CISA and NIST explain. Aside from the SolarWinds incident, other notorious supply chain attacks over the past several years include the CCleaner malware campaign, the MeDoc compromise leading to NotPetya, Operation ShadowHammer, the infection of IoT devices running Windows 7, and the abuse of Kaspersky Lab software to steal NSA files.

NIST and HIPAA: Is There a Password Connection?
2021-04-08 05:47

While companies uphold their own password standards, outside forces like HIPAA and NIST have a heavy influence. Notably, an admin complying with NIST standards might define necessary password policies to enforce minimum length and leaked password filtering requirements.

NIST Cybersecurity Framework: A cheat sheet for professionals
2021-03-05 15:30

TechRepublic's cheat sheet about the National Institute of Standards and Technology's Cybersecurity Framework is a quick introduction to this new government recommended best practice, as well as a "Living" guide that will be updated periodically to reflect changes to the NIST's documentation. Executive summaryWhat is the NIST Cybersecurity Framework? The NIST CSF is a set of optional standards, best practices, and recommendations for improving cybersecurity and risk management at the organizational level.

NIST provides guidance to protect controlled unclassified information
2021-02-04 04:30

Vulnerable data includes the sensitive but unclassified information managed by government, industry and academia in support of various federal programs. Now, a finalized publication from NIST provides guidance to protect such controlled unclassified information from APTs.