
Tag: NIST


Network security, Security

NIST updates Cybersecurity Framework after a decade of lessons

February 27, 2024

Via: The Register

After ten years operating under the original model, and two years working to revise it, the National Institute of Standards and Technology (NIST) has released version 2.0 of its Cybersecurity Framework (CSF). Unlike the original, which was designed with critical […]


Network security, Security

Former CIO accuses Penn State of faking cybersecurity compliance

September 18, 2023

Via: The Register

Last October, Pennsylvania State University (Penn State) was sued by a former chief information officer for allegedly falsifying government security compliance reports. The lawsuit, recently unsealed, is a qui tam complaint (in Latin “who as well,”) meaning it was filed […]


Threats & Malware, Virus & Malware

Why Now? The Rise of Attack Surface Management

June 12, 2023

Via: The Hacker News

The term “attack surface management” (ASM) went from unknown to ubiquitous in the cybersecurity space over the past few years. Gartner and Forrester have both highlighted the importance of ASM recently, multiple solution providers have emerged in the space, and […]


Threats & Malware, Vulnerabilities

CISA Issues Advisory on Critical RCE Affecting ME RTU Remote Terminal Units

May 3, 2023

Via: The Hacker News

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday released an Industrial Control Systems (ICS) advisory about a critical flaw affecting ME RTU remote terminal units. The security vulnerability, tracked as CVE-2023-2131, has received the highest severity rating of […]


Network security, Security

Cybersecurity is hands-on learning, but everyone must be on the same page

August 11, 2021

Via: Help Net Security

In this interview with Help Net Security, Amanda L. Joyce, Group Leader, Strategic Cybersecurity Analysis & Research, Argonne National Laboratory, offers her unique perspective on the modern information security landscape. What are the most important takeaways from your decade of […]


Network security, Security

Manufacturers turning to zero trust to better secure their networks

July 23, 2021

Via: Help Net Security

In response to the 62% global increase in ransomware since 2019 (158% increase in North America) and over 40% of manufacturing firms suffering a cyberattack last year, Onclave Networks recommends manufacturers adopt zero trust architecture and security guidelines as supported […]


Mobile, Privacy protection

Facial-Recognition Flop: Face Masks Thwart Virus, Stump Security Systems

July 29, 2020

Via: Threat Post

Face masks not only have been shown in research to slow the spread of COVID-19, they also deter facial-recognition technology from correctly identifying people, according to a new study. New research from the National Institute of Standards and Technology (NIST) found […]


Privacy protection

RSA Conference 2019: NIST’s Privacy Framework Starts to Take Shape

March 7, 2019

Via: Threat Post

Data privacy has been thrust into the limelight with the passage of the General Data Protection Regulation in Europe last year and a string of high-profile consumer privacy snafus. The National Institute of Standards and Technology has plans to help […]


Vulnerabilities

IBM Watson will be used by NIST to assign CVSS scores to vulnerabilities

November 6, 2018

Via: Security Affairs

The National Institute of Standards and Technology (NIST) is planning to use Artificial Intelligence to assign the CVSS scores to reported vulnerabilities. The Common Vulnerabilities and Exposures (CVE) system provides a reference-method for publicly known information security vulnerabilities and exposures. […]


Network security

NIST Small Business Cybersecurity Act passed into law

August 20, 2018

Via: Hot for Security

US president Donald Trump signed the NIST Small Business Cybersecurity Act last week, a law that will help small businesses with resources to fend off cyberattacks, as part of a comprehensive governmental strategy to improve cybersecurity. The act was written […]


Network security

Bill Seeks Metrics for NIST Cybersecurity Framework

March 2, 2017

Via: DataBreach Today

Legislation calling on the National Institute of Standards and Technology to develop outcome metrics to demonstrate the effectiveness of the NIST Cybersecurity Framework is scheduled to be considered – and likely amended – at a markup session of the House […]


Network security

NIST issues suggestions to fight off cyberattacks on utility industry

February 23, 2017

Via: Hot for Security

US federal entities are trying to help energy companies improve their security strategies after a series of hacks of US companies intensified concern. The attacks followed one last year that led to a blackout in Kiev and attacks in 2015 […]


Cyber-crime

NIST Issues Draft of Revisions to Cybersecurity Framework

January 18, 2017

Via: DataBreach Today

The National Institute of Standards and Technology has published a draft of its first revision to its cybersecurity framework, describing it as an update, not a major overhaul. “Just to be clear, we’re not headed toward a version 2.0 right […]


Access control

SMS Two-Factor Authentication is unreliable but still in use

December 8, 2016

Via: Hot for Security

Two-factor authentication (2FA), also known as multi-factor authentication, might not be enough, the US National Institute of Standards and Technology (NIST) has repeatedly warned us this year. Meant to provide an extra layer of security by sending a code to […]


Access control, Privacy protection

NIST Proposes Ban on SMS-Based Two-Factor Authentication

July 26, 2016

Via: Hot for Security

The National Institute for Standards and Technology (NIST) has released a Digital Authentication Guideline draft proposing that all services abandon SMS-based two-factor authentication and use tokens and software cryptographic authenticators. Because messages can be redirected to a VoIP service and […]


Editorial, Network security, Vulnerabilities

SCADA Systems security - just how important is it?

January 28, 2016

Via: Russel Edwards

SCADA stands for Supervisory Control and Data Acquisition, being the consecrated denomination since the 70s for the remote monitoring and control activities necessary in modern industrial activities. A subcategory of the general ICS (Industrial Control Systems), SCADA systems gained importance […]


Phishing

NIST drafts guidelines to enhance trust in email

October 7, 2015

Via: phishing

The National Institute of Standards and Technology (NIST) has published a draft document for comment, in order to tackle two main threats to email services: phishing and leaking confidential information. NIST says that “In phishing, hackers use forged emails to trick […]