Standards & Guidelines

CIS Controls Version 8

The Center of Internet Security (CIS) in coordination with the SANS Institute and through a consortium of security experts, U.S. agencies such as the NSA, coordinated the CIS Controls Version 8 (formerly known as “Critical Security Controls” or CSC) to help simplify and prioritize list of controls that would have the greatest impact to an organization in improving risk posture against cyber threats.

NIST SP-800-53 Rev. 5: Security and Privacy Controls for Information Systems and Organizations

The National Institute of Standards and Technology (NIST) has issued the NIST SP 800-53 Rev.5. Security and Privacy Controls for Information Systems and Organizations. The Special Publication (SP) 800-53 provides cloud access control (AC) characteristics and a set of general access control guidance for cloud service models. An abstract from SP 800-53: This publication provides …

NIST SP-800-53 Rev. 5: Security and Privacy Controls for Information Systems and Organizations Read More »

5 Good Cybersecurity Lessons Learned From FTC Law Enforcement Actions

Several years ago, the Federal Trade Commission (FTC) released a good video that is still highly relevent today. The video explains how companies can leverage NIST’s Cybersecurity Framework to greatly improve security in their organization. In this article, we highlight the five key tenants from the framework and how they could have possibly prevented FTC action and penalties.