The National Institute of Standards and Technology (NIST) has released updated guidance for defending against supply-chain attacks. The National Institute of Standards and Technology (NIST) has released updated guidance for defending against supply chain attacks. NIST has published the “Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations” in response to the Executive Order […]
CISA and NIST published a report on software supply chain attacks that shed light on the associated risks and provide instructions on how to mitigate them. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the National Institute of Standards and Technology (NIST) released a joint advisory that provides trends and best practices related to […]
The U.S. House of Representatives passed the IoT Cybersecurity Improvement Act, a bill that aims at improving the security of IoT devices. The U.S. House of Representatives last week passed the IoT Cybersecurity Improvement Act, a bill designed to improve the security of IoT devices. The IoT Cybersecurity Improvement Act First was first introduced in […]
Crooks sometimes damage their mobile devices to destroy evidence, NIST tests forensic methods for getting data from damaged mobile phones Criminals sometimes damage their mobile phones in an attempt to destroy evidence. They might smash, shoot, submerge or cook their phones, but forensics experts can often retrieve the evidence anyway. Now, researchers at the National […]
The NIST released version 1.0 of Privacy Framework, it is a tool designed to help organizations to manage privacy risks. The National Institute of Standards and Technology (NIST) has published the release version 1.0 of its privacy framework. The Framework is a voluntary tool that can be used by organizations to manage risks in compliance […]
US NIST updates its Automated Combinatorial Testing for Software (ACTS) research toolkit that should help experts in finding bugs in complex safety-critical applications. US NIST announced updated for its Automated Combinatorial Testing for Software (ACTS) research toolkit that should allow developers easily spot software errors in complex safety-critical applications. The ACTS toolkit allows development teams […]
The National Institute of Standards and Technology (NIST) is planning to use Artificial Intelligence to assign the CVSS scores to reported vulnerabilities. The Common Vulnerabilities and Exposures (CVE) system provides a reference-method for publicly known information-security vulnerabilities and exposures. A Common Vulnerability Scoring System (CVSS) score between 0.0 and 10.0 that is assigned to each flaw according to its severity. […]
The National Institute of Standards and Technology (NIST) has published a second draft of a proposed update to the NIST Cybersecurity Framework. “On December 5, 2017 NIST published the second draft of the proposed update to the Framework for Improving Critical Infrastructure Cybersecurity (a.k.a., draft 2 of Cybersecurity Framework version 1.1).” states the NIST. “This second […]
The NIST Small Business Information Security: The Fundamentals guide aims to provide basic cybersecurity recommendations to small businesses. I have always stressed the necessity to improve cyber security posture for small businesses that are most exposed to threat actors across the world. Now the National Institute of Standards and Technology has released a cybersecurity guide to […]
The National Institute of Standards and Technology (NIST) has issued a draft of a self-assessment tool named Baldrige Cybersecurity Excellence Builder. The tool is based on the Baldrige Performance Excellence Program and the risk management mechanisms of NIST cybersecurity framework. The Baldrige Cybersecurity Excellence Builder was designed to help enterprises to measure the effectiveness of their implementation of the […]