Blog Posts Tagged with "NIST"

201d6e4b7cd0350a1a9ef6e856e28341

Unintentional ICS Cyber Incidents Have Had Significant Impacts on Nuclear Plants – Why Aren’t they Being Addressed?

October 02, 2014 Added by:Joe Weiss

The NIST definition of a cyber incident as defined in FIPS PUB 200, Minimum Security Requirements for Federal Information and Information System, is electronic communications between systems or systems and people that impacts Confidentiality, Integrity, and/or Availability. The incident doesn’t have to bemalicious or targeted to be a cyber incident

Comments  (0)

219bfe49c4e7e1a3760f307bfecb9954

The NIST Cyber Security Framework Completely Misses the Mark

January 06, 2014 Added by:Rohit Sethi

The NIST Cyber Security Framework completely lacks any mention of application security. We predict that organizations will likewise adopt the framework with scant attention paid to secure software, which will lull them into a false sense of security.

Comments  (0)

6d117b57d55f63febe392e40a478011f

Cyber Security Framework Lacks Mitigating Controls and Cloud Security

December 11, 2013 Added by:Anthony M. Freed

Given the pace that both government and the private sector are migrating mission-critical operations to managed service providers, should NIST take steps to identify Cloud-based offerings as part of the nation’s critical infrastructure?

Comments  (0)

219bfe49c4e7e1a3760f307bfecb9954

How Do I Measure the Success of a Training Program?

November 19, 2013 Added by:Rohit Sethi

An information security training program is crucial for ensuring and maintaining a good security posture; in order to effectively manage this program you have to be able to measure it. This article introduces a concept recommended by NIST in their Special Publication 800-16, for evaluating training effectiveness.

Comments  (0)

6d117b57d55f63febe392e40a478011f

RSA Abandons Suspect NIST Encryption Algorithm

September 21, 2013 Added by:Anthony M. Freed

EMC's RSA security unit sent an advisory to their developer customers warning against use of a toolkit that employs an NIST encryption algorithm by default that is suspected to have been “backdoored” by the NSA.

Comments  (0)

69dafe8b58066478aea48f3d0f384820

NIST: Guide to Rating Software Vulnerabilities from Misuse

July 29, 2012 Added by:Headlines

A new guide from the National Institute of Standards and Technology (NIST) describes a "scoring system" that computer security managers can use to assess the severity of security risks arising from software features that are designed under an assumption that users are operating these features as intended...

Comments  (0)

21d6c9b1539821f5afbd3d8ce5d96380

GSA Seeks Cloud Brokerage Information

July 28, 2012 Added by:Kevin L. Jackson

The objective of this RFI is to learn more about how government can further leverage the key characteristics and advantages of cloud computing to save money and increase IT efficiencies. CSB's are one concept that GSA is exploring and this RFI contains questions specific to cloud brokerages...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

NIST: Test Framework for Upgrading Smart Electrical Meters

July 13, 2012 Added by:Infosec Island Admin

"Companies will be able to tailor these generic test criteria to their own systems. To make it an effective framework, we made sure that it contains consistent, repeatable tests they can run, producing documentation that contains adequate, accurate information regardless of the individual system..."

Comments  (0)

69dafe8b58066478aea48f3d0f384820

NIST Releases Federal ID Security Standard Draft for Comment

July 12, 2012 Added by:Headlines

The document is the next step toward updating Federal Information Processing Standard (FIPS) 201. Among its requirements are that all PIV cards contain an integrated circuit chip, a personal identification number and protected biometric data—a printed photograph and two electronically stored fingerprints...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

NIST Conducts Big Data Workshop

June 14, 2012 Added by:Infosec Island Admin

In this first NIST 'Big Data' workshop, key national priority topics will be explored, including examples from science, health, disaster management, security, and finance. At the same time, topics in emerging technology areas including analytics and architectures will also be discussed...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Cybersecurity Center Kicks Off with Workshop

June 11, 2012 Added by:Headlines

The workshop’s goal is to introduce the center, which will bring together experts from industry, government and academia to develop practical, interoperable cybersecurity approaches that address the real-world needs of complex IT systems...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Intel Executive Joins NIST Advisory Committee

June 08, 2012 Added by:Headlines

Under Secretary of Commerce for Standards and Technology and NIST Director Patrick Gallagher has selected William M. Holt, senior vice president and general manager of Intel Corporation's Technology and Manufacturing Group, to serve on the Visiting Committee on Advanced Technology (VCAT)...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

NIST Workshop: Safeguarding Health Information

May 30, 2012 Added by:Infosec Island Admin

The HIPAA Security Rule sets federal standards to protect the confidentiality, integrity and availability of electronic protected health information by requiring HIPAA covered entities and their business associates to implement and maintain administrative, physical and technical safeguards...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

NIST Workshop: The Technical Aspects of Botnets

May 16, 2012 Added by:Infosec Island Admin

NIST seeks to engage all stakeholders to identify the available and needed technologies and tools to recognize, prevent, and remediate botnets; explore current and future efforts to develop botnet metrics and methodologies for measuring and reporting botnet metrics over time...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: Risk Management for the Electricity Sector

May 14, 2012 Added by:Infosec Island Admin

The DOE collaborated with the NIST and NERC to release a second draft of the Electricity Sector Cybersecurity Risk Management Process guideline, designed with the idea that cybersecurity risk management should be driven by the business needs of the company...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

NIST: Secure Biometric Acquisition with Web Services

May 04, 2012 Added by:Headlines

Researchers at the NIST have developed a new protocol for communicating with biometric sensors over wired and wireless networks, called WS-Biometric Devices (WS-BD), allows desktops, laptops, tablets and smartphones to access sensors that capture biometric data using web services...

Comments  (0)

Page « < 1 - 2 - 3 - 4 - 5 > »