Security | Threat Detection | Cyberattacks | DevSecOps | Compliance


Arctic Wolf

NIST SP 800-171: What You Need to Know

Like many industries, the federal government and the Department of Defense (DoD) are more digital, more dispersed, and work with more third parties than ever before. This shift means that information the departments deal with, referred to as controlled unclassified information, needs to be protected due to its high value.


A Quantum Arms Race in Cybersecurity

In 2001, NIST (the US National Institute of Standards and Technology) announced Advanced Encryption Standard (AES), a new encryption standard, designed to help organisations enhance protections against brute force attacks. The previous Data Encryption Standard (DES) had become vulnerable, with processing power growing, and the Electronic Frontier Foundation (EFF) had proved that DES encryption could be broken in less than 24 hours, therefore a new encryption standard was required.


How Trustwave Uses the NIST Framework to Inform Strategy and Mitigate Cybersecurity Risk

The National Institute of Standards and Technology’s (NIST) Cybersecurity Framework (CSF) is one of several “gold level” standards used by public and private organizations as the basis for their cybersecurity protocols. It is also the benchmark utilized by Trustwave to protect our clients. NIST rolled out the CSF in 2014 as a set of guidelines for mitigating organizational cybersecurity risks.


NIST Password Guidelines

Since 2014, the National Institute of Standards and Technology (NIST), a U.S. federal agency, has issued guidelines for managing digital identities via Special Publication 800-63B. The latest revision (rev. 3) was released in 2017, and has been updated as recently as 2019. Revision 4 was made available for comment and review; however, revision 3 is still the standard as of the time of this blog post.


How Multi-Factor Authentication Protects Against Cybersecurity Threats

A weak password can easily become compromised by a cyberattacker, but employing multi-factor authentication (MFA) can stop a cyberattacker in their tracks. MFA is recommended as a best practice by the US National Institute of Standards and Technology (NIST) to reduce risk. Learn more about MFA and how it can protect your company from cyberattacks.


What the industry wants to improve on NIST Cybersecurity Framework 2.0

The NIST Cybersecurity Framework was meant to be a dynamic document that is continuously revised, enhanced, and updated. These upgrades allow the Framework to keep up with technological and threat developments, incorporate lessons learned, and transform best practices into standard procedures. NIST created the Framework in 2014 and updated it with CSF 1.1 in April 2018.

device authority

Hey! Did you hear that (Insert: Your Company Name and Product) got hacked?

Have you noticed it’s never “Hey, someone got by a firewall” or “WOW, they bypassed the network security”? No. It’s always about the Device. It’s the same for hackers because everything else is just a means to an end, and that end is your Device! Imagine, late at night, driving around the Amusement Park security gate, then busting open the locked gated fence. These actions are necessary to get to the big score, the Rides! Yaaahoo!

What is a Gap Assessment?

The NIST Cybersecurity Framework (CSF) provides a list of best practices organizations can follow to maintain a secure environment. At first glance, the list can seem quite complex! When Sedara works with a client to improve their security posture, we do in-depth information gathering. The questions asked might include things like: How do you keep your computer systems updated? How often are they updated? How do you manage adding access for new hires, and ending access for terminations? Do you provide your staff training so they are up-to-date on security threats?

What is the NIST CSF? - Sedara Whiteboard Series

Welcome back to the Sedara Whiteboard series. In this episode, we will discuss frequently asked questions about NIST CSF. The NIST Cybersecurity Framework, developed by the National Institute of Standards and Technology, integrates industry standards and bast practices to help organizations manage their cybersecurity risks. It is widely used across schools, government organizations, and businesses across the globe. Sedara uses the NIST CSF as a basis for testing the posture of an organization’s security.