NIST

Evaluating encryption with the NIST Protect framework

Sep 1, 2021 By SecureAge

A variety of cyber security frameworks exist to help organisations in different sectors to go about IT security in a rigorous and controlled manner. To name a few, there's ISO IEC 27001/ISO 27002, the US NIST Cyber security Framework and the UK NIS Regulations Cyber Assessment Framework. The frameworks are an excellent way to help formalise the process of implementing and maintaining effective cyber security strategies through defined structures containing processes, practices, and technologies which companies can use to secure network and computer systems from security threats.

Get White Paper

SecureAge

Read more about Evaluating encryption with the NIST Protect framework

NIST Zero Trust Architecture Compliance

Aug 18, 2021 By Axis Security

Zero Trust network security framework suggests that administrators trust no one and subject all users to full authentication and authorization prior to any user-to-application request. The National Institute of Standards and Technology (NIST) has published recommended best practices organizations can put in place to minimize cyber risk and exposure.

Get White Paper

Axis Security

Read more about NIST Zero Trust Architecture Compliance

Getting Application Security Back on the Rails

Aug 9, 2021 By Lamar Bailey In Tripwire

In its Interagency Report 7695, the National Institute of Standards and Technology (NIST) defined an application as “a system for collecting, saving, processing, and presenting data by means of a computer.” This broad term covers enterprise applications, consumer applications, and even phone apps. Security is important in all these types of applications, but the focus is not always the same. Let’s explore how below.

Read Post

Tripwire

Read more about Getting Application Security Back on the Rails

NIST vs SOC 2: What's the Difference?

Jul 28, 2021 By RiskOptics Labs In RiskOptics

When the subject is cybersecurity compliance, the National Institute of Standards and Technology (NIST) is often the first reference that comes to mind. NIST has been around for decades, and its standards for the development of cybersecurity risk management programs are considered the gold standard. There is, however, another standard that applies to service providers that handle customer data, as well as to those firms’ business partners: the SOC 2 audit.

Read Post

RiskOptics

Read more about NIST vs SOC 2: What's the Difference?

Executive Order Update: NIST Establishes a Definition for Critical Software and Outlines Scan Requirements for Software Source Code

Jul 19, 2021 By Chris Wysopal In Veracode

On May 12, 2021, President Biden announced an executive order to improve the nation’s cybersecurity. The order, which outlines security initiatives and timelines, calls for the U.S. Department of Commerce’s National Institute of Standards and Technology (NIST) to enhance the security of the software supply chain.

Read Post

Veracode

Read more about Executive Order Update: NIST Establishes a Definition for Critical Software and Outlines Scan Requirements for Software Source Code

The NIST Cybersecurity Framework: Security Checklist And Best Practices

Jul 16, 2021 By Emily Heaslip In Nightfall

The National Institute of Standards and Technology (NIST) is part of the US Department of Commerce and was founded in 1901. NIST was originally established to help the U.S. industry become more competitive with economic rivals and peers, such as the UK and Germany. NIST prioritizes developing measurements, metrics, and standards for technology used in different industries.

Read Post

Nightfall

Read more about The NIST Cybersecurity Framework: Security Checklist And Best Practices

Cybersecurity sketchnotes: How the NIST cybersecurity framework could benefit you

Jul 10, 2021 By Netwrix In Netwrix

In the final episode of the series, our cybersecurity expert covers the NIST cybersecurity framework purpose and benefits.

View Video

Netwrix

Read more about Cybersecurity sketchnotes: How the NIST cybersecurity framework could benefit you

Kickstart Guide to Implementing the NIST Cybersecurity Framework

Jun 26, 2021 By Netwrix

Cybersecurity practitioners worldwide use the NIST Cybersecurity Framework to strengthen their security program and improve their risk management and compliance processes. The framework is voluntary, but it offers proven best practices that are applicable to nearly any organisation. However, it can seem daunting at first because it includes so many components.

Get EBook

Netwrix

Read more about Kickstart Guide to Implementing the NIST Cybersecurity Framework

Is NIST Mandatory?

Jun 7, 2021 By RiskOptics Labs In RiskOptics

You don’t have to spend a long time in the cybersecurity and information technology world before someone brings up NIST compliance. Since the agency’s inception in 1901 — yes, it’s that old — the National Institute of Standards and Technology has been trusted as the guardian of all proper measurements and standards, including cybersecurity standards meant to increase data security. NIST, which these days is part of the U.S.

Read Post

RiskOptics

Read more about Is NIST Mandatory?

How to Apply the Risk Management Framework (RMF)

Jun 1, 2021 By Steven Tipton In Tripwire

The Risk Management Framework (RMF) is most commonly associated with the NIST SP 800-37 guide for “Applying the Risk Management Framework to Federal Information Systems: A Security Life Cycle Approach,” which has been available for FISMA compliance since 2004. It was updated in December 2018 to revision 2. This was the result of a Joint Task Force Transformation Initiative Interagency Working Group; it’s something that every agency of the U.S.

Read Post