NIST

netwrix

NIST 800-53: A Guide to Compliance

The NIST 800-53 standard offers solid guidance for how organizations should select and maintain customized security and privacy controls for their information systems. NIST SP 800-53 Revision 5 is one of many compliance documents you need to familiarize yourself with if you are working with information technology. This post breaks it down for you into digestible pieces that emphasize the standard’s practical meaning and application.

redscan

Redscan analysis of NIST NVD reveals record number of critical and high severity vulnerabilities in 2020

The report is based on an analysis of more than 18,000 Common Vulnerabilities and Exposures (CVEs) logged to NIST’s National Vulnerability Database in 2020. It reveals that well over half (57%) were rated ‘high’ or ‘critical’ severity – the highest recorded figure for any year to date. Our analysis also looks beyond severity scores, detailing the rise of low complexity vulnerabilities as well as those which require no user interaction to exploit.

forgerock

Accelerate Compliance of NIST SP 800-63-3 with ForgeRock

No matter how much security and interoperability it brings, the thought of ‘compliance’ always brings a resigned sigh. Yet, from the U.S. Federal Government (Fed) to state and local governments and educational institutions (SLED), complying with guidelines and standards is a must not only for security but for interoperability and cost reduction.

tripwire

NIST Cybersecurity Framework - The Key to Critical Infrastructure Cyber Resiliency

In the digital age, organizations and the missions and business processes they support rely on information technology and information systems to achieve their mission and business objectives. Not only is technology used to efficiently enable businesses to carry out operational activities, but it is also the backbone for the United States’ critical infrastructure.

tripwire

NIST SP 800-128 - Because Patching May Never Fix Your Hidden Flaws

Over the last few years, the idea of patching systems to correct flaws has graduated from an annoying business disruption to a top priority. With all of the notorious vulnerabilities that can wreak total havoc, the time it takes to patch becomes a minor inconvenience when weighed against both the technical challenges and possible regulatory penalties of not patching.

logsign

How to Comply with the NIST Cybersecurity Framework

Since NIST Cybersecurity Framework is the best solution for better prevention, detection, and response to cybersecurity incidents, various organizations have adopted it to safeguard their IT assets. The 2019 SANS OT/ICS Cybersecurity Survey spells out the NIST CSF as the number one cybersecurity framework in use today. However, it is imperative to consider that how should we comply with NIST CSF in 2020 and beyond? Here is some help!

tripwire

Zero Trust Architecture: What is NIST SP 800-207 all about?

“Doubt is an unpleasant condition, but certainty is an absurd one.” Whilst I claim no particular knowledge of the eighteenth-century philosopher Voltaire, the quote above (which I admit to randomly stumbling upon in a completely unrelated book) stuck in my mind as a fitting way to consider the shift from traditional, perimeter-focused ’network security’ thinking to that of ‘ZTA’ (Zero Trust Architecture.)

ivanti

How Government Agencies Defend Against Increasing Cyberthreats

Whether military, a civilian agency, or even a public education institution, organizations across the public sector have witnessed a substantial increase in cyberattacks. There were a number of hits on education around this time last year, and then on health-related agencies as the COVID-19 pandemic struck. So, how do government agencies ensure their security posture is up to the task of defending against increasingly opportunistic forces of evil?