NIST

veracode

Executive Order Update: NIST Establishes a Definition for Critical Software and Outlines Scan Requirements for Software Source Code

On May 12, 2021, President Biden announced an executive order to improve the nation’s cybersecurity. The order, which outlines security initiatives and timelines, calls for the U.S. Department of Commerce’s National Institute of Standards and Technology (NIST) to enhance the security of the software supply chain.

nightfall

The NIST Cybersecurity Framework: Security Checklist And Best Practices

The National Institute of Standards and Technology (NIST) is part of the US Department of Commerce and was founded in 1901. NIST was originally established to help the U.S. industry become more competitive with economic rivals and peers, such as the UK and Germany. NIST prioritizes developing measurements, metrics, and standards for technology used in different industries.

Kickstart Guide to Implementing the NIST Cybersecurity Framework

Cybersecurity practitioners worldwide use the NIST Cybersecurity Framework to strengthen their security program and improve their risk management and compliance processes. The framework is voluntary, but it offers proven best practices that are applicable to nearly any organisation. However, it can seem daunting at first because it includes so many components.
reciprocity

Is NIST Mandatory?

You don’t have to spend a long time in the cybersecurity and information technology world before someone brings up NIST compliance. Since the agency’s inception in 1901 — yes, it’s that old — the National Institute of Standards and Technology has been trusted as the guardian of all proper measurements and standards, including cybersecurity standards meant to increase data security. NIST, which these days is part of the U.S.

tripwire

How to Apply the Risk Management Framework (RMF)

The Risk Management Framework (RMF) is most commonly associated with the NIST SP 800-37 guide for “Applying the Risk Management Framework to Federal Information Systems: A Security Life Cycle Approach,” which has been available for FISMA compliance since 2004. It was updated in December 2018 to revision 2. This was the result of a Joint Task Force Transformation Initiative Interagency Working Group; it’s something that every agency of the U.S.

reciprocity

What is Cybersecurity Risk Management?

Every time you log on to the Internet, you put your IT systems and the data you handle at risk. At the same time, it’s also impossible to run a successful business without going online, so a key element of modern business management is a strong cybersecurity risk management program. Why? Because the only people in the cybersecurity field working harder than software engineers are the criminals trying to find a new way to breach the latest network security measures.

reciprocity

What Is NIST?

NIST is the abbreviated name of the National Institute of Standards and Technology. It’s one of many federal agencies under the U.S. Department of Commerce, and is one of the oldest physical science laboratories in the United States. As a non-regulatory government agency, NIST was originally founded to enable greater industrial competitiveness in the United States. Its focus stems from the mantra, “One cannot manage what is not measured.

tripwire

What Is NIST SP 1800-27: Securing Property Management Systems?

In 2019, the hospitality industry suffered 13 percent of all data breaches, ranking third highest among targeted industries. It was two years later when NIST released SP 1800-27: Securing Property Management Systems to help hoteliers secure their Property Management Systems (PMS) and associated patron data.

tripwire

NIST SP 800-172 (Formerly SP 800-171B) Release Couldn't Come at a Better Time

NIST’s timely new release of Special Publication (SP) 800-172 (formerly referred to in draft form as 800-171B) provides exactly what its title says, Enhanced Security Requirements for Protecting Controlled Unclassified Information: A Supplement to NIST SP 800-171. Yet it goes a step further to protect controlled unclassified information (CUI) specifically from APTs.