NIST Revamps CVE Framework to Focus on High-Impact Vulnerabilities
The National Institute of Standards and Technology is carving a new path for vulnerability remediation by changing the way it prioritizes software flaws.
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
The National Institute of Standards and Technology is carving a new path for vulnerability remediation by changing the way it prioritizes software flaws.
Federal agencies will no longer be required to solicit software bills of material (SBOMs) from tech vendors, nor attestations that they comply with NIST's Secure Software Development Framework (SSDF). What that means long term is unclear.
The U.S. National Institute of Standards and Technology (NIST) updated its Privacy Framework to work cohesively with its Cybersecurity Framework and guide organizations to develop stronger postures to handle privacy risks..
Introduction As the cybersecurity landscape evolves, service providers play an increasingly vital role in safeguarding sensitive data and maintaining compliance with industry regulations. The National Institute of Standards and Technology (NIST) offers a comprehensive set of frameworks that provide a clear path to achieving robust cybersecurity practices
Updated NIST guidelines reject outdated password security practices in favor of more effective protections. Learn from Specops Software about 6 takeaways from NIST's new guidance that help create strong password policies. [...]
Revised Framework to Address Emerging IoT Risks and TechnologiesThe U.S. National Institute of Standards and Technology plans to revise its Internet of Things cybersecurity framework to address evolving risks posed by emerging technologies and use cases, such as AI and immersive tech. The proposed updates will broaden the focus to entire product ecosystems.
Fall is in the air and frameworks for mitigating AI risk are dropping like leaves onto policymakers’ desks. From California’s SB 1047 bill and NIST’s model-testing deal with OpenAI and Anthropic to REAIM’s blueprint for military AI governance, AI regulation is proving to be a hot and complicated topic.
It’s been a decade since the National Institute of Standards and Technology (NIST) introduced its Cybersecurity Framework (CSF) 1.0. Created following a 2013 Executive Order, NIST was tasked with designing a voluntary cybersecurity framework that would help organizations manage cyber risk, providing guidance based on established standards and best practices. While this version was originally
Google has released its monthly security updates for the Android operating system to address a known security flaw that it said has come under active exploitation in the wild
Having a robust identity continuity plan is not just beneficial but essential for avoiding financially costly and potentially brand-damaging outages.
Our collection of the most relevant reporting and industry perspectives for those guiding cybersecurity strategies and focused on SecOps. Also included: Inside China's civilian hacker army; outer space threats; and NIST 2.0 Framework secrets for success.
The updated framework is an equalizer for smaller organizations to meet the industry at its breakneck pace of innovation.
The missing ingredient in NIST's newest cybersecurity framework? Recovery.
The National Institute of Standards and Technology's updated Cybersecurity Framework 2.0 can help healthcare organizations better formalize their governance functions to enhance their cybersecurity posture and resilience, said Robert Booker, chief strategy officer at HITRUST.
On February 26, 2024, the National Institute of Standards and Technology (NIST) released the official 2.0 version of the Cyber Security Framework (CSF).
NIST just-released its Cybersecurity Framework (CSF) 2.0, which seems to have SaaS security in mind. Learn more from Adaptive Shield about how the NIST 2.0 framework can help detect SaaS threats. [...]
The National Institute of Standards and Technology (NIST) has revised the book on creating a comprehensive cybersecurity program that aims to help organizations of every size be more secure. Here's where to start putting the changes into action.
The original was definitely getting a bit long in the tooth for modern challenges After ten years operating under the original model, and two years working to revise it, the National Institute of Standards and Technology (NIST) has released version 2.0 of its Cybersecurity Framework (CSF).…
NIST has made further tweaks to Version 2.0 of its Cybersecurity Framework following feedback from the cybersecurity community
New CSF Adds 'Governance' to Core FunctionsCybersecurity guidance for the private sector published by the U.S. National Institute of Standards and Technology in 2014 has received its first major update. The revised Cybersecurity Framework focuses on governance and says cybersecurity threats are a major source of enterprise risk.