Security News

NIST Drafts Guidelines for Coping With Ransomware
2020-02-03 21:03

"We are more interested in ransomware that models behavior that we saw in the WannaCry attacks, where ransomware can exploit a vulnerability and propagate across a network," Ekstrom, who helped work on the documents, tells Information Security Media Group. One significant reason why NIST created these practice guidelines now is that the nature of ransomware has changed over the last two years, Ekstrom says.

Week in review: Kubernetes security challenges, NIST Privacy Framework, Mitsubishi Electric breach
2020-01-26 15:15

It's time to patch your Cisco security solutions again
Cisco has released another batch of security updates and patches for a variety of its offerings, including many of its security solutions.
Techniques and strategies to overcome Kubernetes security challenges
Five security best practices for DevOps and development professionals managing Kubernetes deployments have been introduced by Portshift.

NIST’s new privacy rules – what you need to know
2020-01-22 10:56

NIST has released a Privacy Framework to help you get your house in order. The brand new Privacy Framework 1.0 is the equivalent document for protecting people's personal privacy.

NIST Releases Framework for Privacy Risk Management
2020-01-20 13:27

The National Institute of Standards and Technology last week announced version 1.0 of its Privacy Framework, a tool designed to help organizations manage privacy risks. NIST published a preliminary draft of the Privacy Framework in September 2019, when it requested public feedback.

NIST Privacy Framework 1.0: Manage privacy risk, demonstrate compliance
2020-01-20 05:30

The publication also provides clarification about privacy risk management concepts and the relationship between the Privacy Framework and NIST's Cybersecurity Framework. The NIST Privacy Framework is not a law or regulation, but rather a voluntary tool that can help organizations manage privacy risk arising from their products and services, as well as demonstrate compliance with laws that may affect them, such as the California Consumer Privacy Act and the European Union's General Data Protection Regulation.

NIST 800-171 & Why Organizations Need Password Similarity Blocking in Active Directory
2020-01-07 21:33

Other organizations are also adopting NIST password guidelines and security protocols because they reduce the risk for most organizations. It is easy for administrators to enforce a minimum password complexity with the standard Active Directory functionality, but enforcing character changes is more complex.

NIST's New Biometrics Databases Offer Help With IAM
2019-12-20 17:03

Agency Also Releases Study That Raises Concerns About Facial Recognition Technology
The National Institute of Standards and Technology has released three biometric datasets to help organizations...

4 Automated Password Policy Enforcers for NIST Password Guidelines
2019-11-19 21:34

Automate Screening of Exposed Passwords and Password Policy Enforcement
Here are four automated password policy options we recommend for NIST compliance.

Getting Ready for the NIST Privacy Framework
2019-11-06 17:03

By year's end, the National Institute of Standards and Technology should be ready to publish the first version of its privacy framework, a tool to help organizations identify, assess, manage and...

HITRUST CSF 9.3 adds CCPA, SCIDSA, and NIST SP 800-171 authoritative sources
2019-10-28 04:15

HITRUST, a leading data protection standards development and certification organization, announced the availability of version 9.3 of the HITRUST CSF information risk and compliance management...