Lookout is Collaborating With the U.S. Government on a New Vision for Zero Trust

In early 2020, almost every government agency embraced telework in response to the pandemic. With telework, employees operate outside the security perimeter that was put in place to protect them and the agency’s data. As a result, telework has had significant cybersecurity ramifications. Lookout has a long history of collaborating with the public sector to secure agency employees.


NIST's New Draft for Ransomware Risk Management

Cyberattacks against businesses of all sizes are at all-time highs. Data from 2021 and projections for the future of cybersecurity suggest that the frequency and intensity of these attacks will only continue to grow. At the forefront of most cyberattacks in 2020 was ransomware, a type of malicious malware attack where attackers encrypt your organization’s data and demand payment in exchange for a decryption key to restore access.


Evaluating encryption with the NIST Protect framework

A variety of cyber security frameworks exist to help organisations in different sectors to go about IT security in a rigorous and controlled manner. To name a few, there's ISO IEC 27001/ISO 27002, the US NIST Cyber security Framework and the UK NIS Regulations Cyber Assessment Framework. The frameworks are an excellent way to help formalise the process of implementing and maintaining effective cyber security strategies through defined structures containing processes, practices, and technologies which companies can use to secure network and computer systems from security threats.

NIST Zero Trust Architecture Compliance

Zero Trust network security framework suggests that administrators trust no one and subject all users to full authentication and authorization prior to any user-to-application request. The National Institute of Standards and Technology (NIST) has published recommended best practices organizations can put in place to minimize cyber risk and exposure.

Getting Application Security Back on the Rails

In its Interagency Report 7695, the National Institute of Standards and Technology (NIST) defined an application as “a system for collecting, saving, processing, and presenting data by means of a computer.” This broad term covers enterprise applications, consumer applications, and even phone apps. Security is important in all these types of applications, but the focus is not always the same. Let’s explore how below.


NIST vs SOC 2: What's the Difference?

When the subject is cybersecurity compliance, the National Institute of Standards and Technology (NIST) is often the first reference that comes to mind. NIST has been around for decades, and its standards for the development of cybersecurity risk management programs are considered the gold standard. There is, however, another standard that applies to service providers that handle customer data, as well as to those firms’ business partners: the SOC 2 audit.


Executive Order Update: NIST Establishes a Definition for Critical Software and Outlines Scan Requirements for Software Source Code

On May 12, 2021, President Biden announced an executive order to improve the nation’s cybersecurity. The order, which outlines security initiatives and timelines, calls for the U.S. Department of Commerce’s National Institute of Standards and Technology (NIST) to enhance the security of the software supply chain.


The NIST Cybersecurity Framework: Security Checklist And Best Practices

The National Institute of Standards and Technology (NIST) is part of the US Department of Commerce and was founded in 1901. NIST was originally established to help the U.S. industry become more competitive with economic rivals and peers, such as the UK and Germany. NIST prioritizes developing measurements, metrics, and standards for technology used in different industries.

Kickstart Guide to Implementing the NIST Cybersecurity Framework

Cybersecurity practitioners worldwide use the NIST Cybersecurity Framework to strengthen their security program and improve their risk management and compliance processes. The framework is voluntary, but it offers proven best practices that are applicable to nearly any organisation. However, it can seem daunting at first because it includes so many components.