The pace and complexity of AI technologies is increasing every day. In this rapidly changing environment, it’s critical for companies to adopt a rigorous approach to safely and responsibly incorporating AI into their products and processes. ‍ That’s why we’re excited to announce that the NIST AI Risk Management Framework (RMF) is now available in beta.

As an integrator or government agency providing mission-critical software, the question to ask yourself is “Is my software development environment NIST SP 800-218 compliant?”. Compliance with NIST SP 800-218 and the SSDF (Secure Software Development Framework) is mandatory, and it’s time to ensure your software supply chain is compliant.

NIST SP 800-162 ‘Guide to Attribute Based Access Control (ABAC) Definition and Considerations’ is a special publication that defines attribute-based access control (ABAC) for U.S. government agencies. It also provides guidance on using ABAC to improve and maintain control of information sharing within and between organizations and best practices for ABAC implementations.

The NIST SP 800-123 Guide to General Server Security contains NIST recommendations on how to secure your servers. It offers general advice and guideline on how you should approach this mission. Its aim is to assist organizations in understanding the fundamental activities they nee dto undertake to secure their servers. Regulations such as HIPAA, HITRUST, CMMC, and many others rely on those recommendations, demanding organizations to enforce and comply with the guide.

The National Institute of Standards and Technology (NIST) developed the NIST 800-171 framework to set guidelines and security requirements for protecting controlled unclassified information (CUI). NIST first created the framework in June 2015 but has since revised the publication several times, most recently in November 2023.

With personal data or business communications, our vast digital footprint is vulnerable to malefactors. Consequently, safeguarding sensitive information has become a pressing concern for companies of all sizes. The cost of cybercrime was $8 trillion globally in 2023 and is projected to hit $10.5 trillion by 2025. This alarming statistic emphasizes the escalating threat and the critical need for robust cybersecurity measures.

In an era where cyber threats are increasingly sophisticated and unpredictable, prioritizing risk management has become critical. Cybersecurity breaches, whether from malware, ransomware, or other attacks, can inflict substantial damage on your organization’s infrastructure and reputation. However, it’s not just about cyber threats.

The National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) has been a stalwart ally for organizations for years, providing guidance on understanding, evaluating and communicating about cybersecurity risks. The release of NIST CSF 2.0, expected in early 2024, provides a paradigm shift. This blog post provides an in-depth exploration of the structure of the NIST CSF and the key changes coming in version 2.0.

With NIST recently releasing an updated draft version of the framework, we outline the main proposed changes.