In an era where cyber threats are increasingly sophisticated and unpredictable, prioritizing risk management has become critical. Cybersecurity breaches, whether from malware, ransomware, or other attacks, can inflict substantial damage on your organization’s infrastructure and reputation. However, it’s not just about cyber threats.

The National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) has been a stalwart ally for organizations for years, providing guidance on understanding, evaluating and communicating about cybersecurity risks. The release of NIST CSF 2.0, expected in early 2024, provides a paradigm shift. This blog post provides an in-depth exploration of the structure of the NIST CSF and the key changes coming in version 2.0.

With NIST recently releasing an updated draft version of the framework, we outline the main proposed changes.

Organizations looking to protect their sensitive data and assets against cyberattacks may lack the ability to build a cybersecurity strategy without any structured help. The National Institute of Standards and Technology (NIST) has a free, public framework to help any organization mature its IT security posture. Recently, the institute published an updated version of the cybersecurity framework (CSF), NIST CSF 2.0, which contains a number of updates from the previous framework.

While the EU AI Act is poised to introduce binding legal requirements, there's another noteworthy player making waves—the National Institute of Standards and Technology's (NIST) AI Risk Management Framework (AI RMF), published in January 2023. This framework promises to reshape the future of responsible AI uniquely and voluntarily, setting it apart from traditional regulatory approaches. Let's delve into the transformative potential of the NIST AI RMF and its global implications.

Securing your organization’s information systems is a top priority in the ever-evolving digital landscape. Organizations face an ongoing battle against cyber threats; penetration testing is a powerful weapon to avoid these risks. The National Institute of Standards and Technology (NIST) Penetration Testing Framework, known as “nist pen testing,” offers a robust and structured approach to assessing and enhancing cybersecurity defences.

In late September 2023, the US-based National Institute of Standards and Technology (NIST) published its Cybersecurity Framework Profile for Hybrid Satellite Networks, otherwise known as NIST IR 8441. This blog will explore the reasons behind NIST developing the framework, outline its intentions, and summarize its key points.

NIST SP 800-171 details requirements that all Department of Defense (DoD) contractors have been required to follow for years. The guidelines were updated in 2020, and Revision 3 was published in May 2023. Netwrix is ready to help organizations achieve, maintain and prove NIST 800-171 compliance. Below, we summarize its key requirements and share recommendations for getting started with the regulation.

The National Institute of Standards and Technology has introduced a new revision of the Special Publication 800-53, revision 5. As with any document change of this scope there are minor and major changes. This paper will provide a high level overview of the significant changes, addressing a redefined focus in control families, accountability, governance, as well as a discussion of new control families, privacy transparency and supply chain risk management.

The National Institute of Standards and Technology (NIST) Risk Management Framework (RMF) is a robust, adaptable method for managing and mitigating information security risks within government agencies and organizations working with government systems. It integrates security, privacy, and cyber supply chain risk management into the system development life cycle.