NIST SP 800-47 Rev. 1: Managing the Security of Information Exchanges
The National Institute of Standards and Technology (NIST) has issued the NIST SP 800-47 Rev. 1 Managing the Security of Information Exchanges.
Standards & Guidelines
CIS Controls Version 8
The Center of Internet Security (CIS) in coordination with the SANS Institute and through a consortium of security experts, U.S. agencies such as the NSA, coordinated the CIS Controls Version 8 (formerly known as “Critical Security Controls” or CSC) to help simplify and prioritize list of controls that would have the greatest impact to an organization in improving risk posture against cyber threats.
NIST SP-800-53 Rev. 5: Security and Privacy Controls for Information Systems and Organizations
The National Institute of Standards and Technology (NIST) has issued the NIST SP 800-53 Rev.5. Security and Privacy Controls for Information Systems and Organizations. The Special Publication (SP) 800-53 provides cloud access control (AC) characteristics and a set of general access control guidance for cloud service models. An abstract from SP 800-53: This publication provides …
NIST SP 800-53B: Control Baselines for Information Systems and Organizations
The National Institute of Standards and Technology (NIST) has issued the NIST SP 800-53B Control Baselines for Information Systems and Organizations.
NIST SP 800-208: Recommendation for Stateful Hash-Based Signature Schemes
The National Institute of Standards and Technology (NIST) has issued the NIST SP 800-208 Recommendation for Stateful Hash-Based Signature Schemes.
NIST SP 800-209: Security Guidelines for Storage Infrastructure
The National Institute of Standards and Technology (NIST) has issued the NIST SP 800-209 Security Guidelines for Storage Infrastructure.
NIST SP 800-210: General Access Control Guidance for Cloud Systems
The National Institute of Standards and Technology (NIST) has issued the NIST SP 800-210 General Access Control Guidance for Cloud Systems.
5 Good Cybersecurity Lessons Learned From FTC Law Enforcement Actions
Several years ago, the Federal Trade Commission (FTC) released a good video that is still highly relevent today. The video explains how companies can leverage NIST’s Cybersecurity Framework to greatly improve security in their organization. In this article, we highlight the five key tenants from the framework and how they could have possibly prevented FTC action and penalties.
NIST SP 800-128: Security-Focused Configuration Management of Information Systems Guidelines
The National Institute of Standards and Technology (NIST) has issued new Security-Focused Configuration Management of Information Systems guidelines (SP 800-128).
NIST SP 800-52 Rev. 2: Guidelines for the Selection, Configuration, and Use of Transport Layer Security (TLS) Implementations
The National Institute of Standards and Technology (NIST) has released its Security Publication (SP) 800-52 Rev. 2: Guidelines for the Selection, Configuration, and Use of Transport Layer Security (TLS) Implementations.