Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

NIST

What's New in NIST 2.0?

NIST has long been an important acronym in the world of cybersecurity, where organizations have for years used the NIST Cybersecurity Framework to help guide their security investments. But the practices and controls associated with NIST have evolved recently, due to the release of NIST 2.0. If you’re stuck in the era of NIST 1.x, it’s time to adapt.

ISO 27001 vs NIST: The Differences and How They Overlap

When you consider national and global cybersecurity, a handful of names stand out. Two of the largest are NIST and ISO/IEC. Both of these organizations have issued plenty of rulings and frameworks for securing digital systems, and in a sense, they can be viewed as competitors. So, what’s the difference, where is the overlap, and which option is right for your business?

Updates and Evolution of the NIST Cybersecurity Framework: What's New?

The NIST Cybersecurity Framework (CSF), published by the US National Institute of Standards and Technology (NIST), is a widely used set of guidelines for mitigating organizational cybersecurity risks. It contains recommendations and standards to help organizations identify and detect cyberattacks and advice on how to respond, prevent, and recover from cybersecurity incidents.

What You Need to Know About the NIST Cybersecurity Framework 2.0

Ten years ago, the National Institute of Standards and Technology (NIST) released the Cybersecurity Framework (CSF) 1.0 following an Executive Order from President Obama to help companies and governments facing cybersecurity attacks. In 2014, data breaches were escalating. Major Fortune 500 companies and household names, such as Target, Yahoo, 7-11, Visa, and more, experienced heaps of customer data theft, online fraud and attacks from malware.

How CMMC Will Improve Your Cybersecurity Posture

In the ever-evolving landscape of cybersecurity, safeguarding critical data from unauthorized access is paramount. Our recent webinar, “Shut the Front Door,” provided invaluable insights aimed at business leaders, operations executives, and IT managers within the government contracting community, emphasizing the necessity of robust access control measures and adherence to regulations like the FAR, DFARS, and NIST 800-171.

NIST CSF 2.0 - SDLC for Continuous Improvement of Security

This is an analysis of the impacts and implications on cybersecurity practices, benefits, challenges, and how to deal with the transition to the new NIST CSF 2.0 framework. NIST released an update to its Cyber Security Framework (CSF) in February 2024. Two of the most obvious takeaways from this version are the addition of a new pillar and the expansion of its application beyond critical infrastructure.

SSDF BSIMM mapping updated for BSIMM14

In early March 2024, the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) released its final Secure Software Development Attestation Form instructions, sparking a renewed urgency around understanding and complying with 31 of the 42 tasks in NIST SP 800-218 Secure Software Development Framework (SSDF) version 1.1.