Security News

NIST, DHS Publish Guidance on Securing Virtual Meetings, VPNs
2020-03-19 13:15

With people worldwide forced to work from home due to the coronavirus epidemic, NIST and DHS published a series of recommendations on how to ensure that virtual meetings and connections to enterprise networks are protected from prying eyes. The security of virtual meetings might often be an afterthought, but basic precautions can ensure that they don't lead to data breaches or other security incidents, says Jeff Greene, director of the National Cybersecurity Center of Excellence at the National Institute of Standards and Technology.

NIST Privacy Framework: The Implementation Challenges
2020-02-11 14:03

Challenges firms are facing in adopting the framework;. Why NIST is considering additional guidance for small business;.

NIST tests methods of recovering data from smashed smartphones
2020-02-04 12:54

The forensic engineers who help police gather evidence understand this even if it's not always been clear which methods are the most effective as extracting data accurately enough for it to meet standards of evidence. To examine the issue, the US National Institute of Standards and Technology says it recently conducted tests using 10 popular Android smartphones careful loaded with a mix of data accumulated during simulated use.

NIST Drafts Guidelines for Coping With Ransomware
2020-02-03 21:03

"We are more interested in ransomware that models behavior that we saw in the WannaCry attacks, where ransomware can exploit a vulnerability and propagate across a network," Ekstrom, who helped work on the documents, tells Information Security Media Group. One significant reason why NIST created these practice guidelines now is that the nature of ransomware has changed over the last two years, Ekstrom says.

Week in review: Kubernetes security challenges, NIST Privacy Framework, Mitsubishi Electric breach
2020-01-26 15:15

It's time to patch your Cisco security solutions againCisco has released another batch of security updates and patches for a variety of its offerings, including many of its security solutions. Techniques and strategies to overcome Kubernetes security challengesFive security best practices for DevOps and development professionals managing Kubernetes deployments have been introduced by Portshift.

NIST’s new privacy rules – what you need to know
2020-01-22 10:56

NIST has released a Privacy Framework to help you get your house in order. The brand new Privacy Framework 1.0 is the equivalent document for protecting peoples' personal privacy.

NIST Releases Framework for Privacy Risk Management
2020-01-20 13:27

The National Institute of Standards and Technology last week announced version 1.0 of its Privacy Framework, a tool designed to help organizations manage privacy risks. NIST published a preliminary draft of the Privacy Framework in September 2019, when it requested public feedback.

NIST Privacy Framework 1.0: Manage privacy risk, demonstrate compliance
2020-01-20 05:30

The publication also provides clarification about privacy risk management concepts and the relationship between the Privacy Framework and NIST's Cybersecurity Framework. The NIST Privacy Framework is not a law or regulation, but rather a voluntary tool that can help organizations manage privacy risk arising from their products and services, as well as demonstrate compliance with laws that may affect them, such as the California Consumer Privacy Act and the European Union's General Data Protection Regulation.

NIST 800-171 & Why Organizations Need Password Similarity Blocking in Active Directory
2020-01-07 21:33

Other organizations are also adopting NIST password guidelines and security protocols because they reduce the risk for most organizations. It easy for administrators to enforce a minimum password complexity with the standard Active Directory functionality but enforcing a character changes is more complex.

NIST's New Biometrics Databases Offer Help With IAM
2019-12-20 17:03

Agency Also Releases Study on That Raises Concerns About Facial Recognition TechnologyThe National Institute of Standards and Technology has released three biometric datasets to help organizations...