News Alerts and Breach Report for May 16, 2022

NIST Releases Cybersecurity Supply Chain Guidance The National Institute of Standards and Technology (NIST) released guidance on supply chain cybersecurity this week in response to the Biden administration’s Executive Order 14028—Improving the Nation’s Cybersecurity. The guidance, Software Supply Chain Security…

Read More
NIST

NIST Publishes Draft Security Criteria for Consumer Software

Consumer software providers will soon have the option to label their software as compliant with National Institute of Standards and Technology (NIST) standards for software security. On November 1, 2021, NIST published its initial draft of this standard in a white paper titled “DRAFT Baseline Criteria for Consumer Software Cybersecurity Labeling” (the White Paper). The…
Read More
Data Protection

Opinion: How the U.S. Government’s Efforts Can Improve Data Privacy and Protection in 2021

This year, cybersecurity incidents, such as data breaches, have led to the proliferation of identity theft and fraud, facilitated by a lack of digital identity verification credentials. Additionally, data privacy legislation has gained momentum at the state level and become a key area of concern for lawmakers and citizens alike. Meanwhile, artificial intelligence and blockchain…
Read More

NIST Releases New Guidance for Assessing Risk

On September 1, the National Institute of Standards and Technology (NIST) released a new report that outlines the need for determining risk priorities and outlines options for properly treating risk. NISTIR8286B; Prioritizing Cybersecurity Risk for Enterprise Risk Management describes how risk priority and response information should be added to a cybersecurity risk register (CSRR). The…
Read More
NIST

Implementing the NIST Privacy Framework – Govern Function

The National Institute of Standards and Technology (NIST) Privacy Framework is a widely known control set used to assist organizations in identifying privacy risks within their business environment and allocating resources to mitigate these risks. Our team previously published an article outlining the best ways to leverage the NIST Privacy (NIST-P) Framework to assess data privacy posture,…
Read More
NIST

Implementing the NIST Privacy Framework – Identify Function

The National Institute of Standards and Technology (NIST) Privacy Framework, published in January 2020, is quickly becoming the mainstream control set for organizations to align with when assessing their data privacy posture, developing readiness roadmaps, and maturing their privacy program. We have previously written about how the controls in the NIST Privacy can be mapped to…
Read More
Cybersecurity

How Cybersecurity Frameworks Can Protect Your Organization (Even in the Event of a Breach)

It’s certainly no secret how damaging data breaches can be for organizations today. And if lost revenue and a tarnished reputation aren’t enough to make you want to act, your organization could face punitive damages if you fail to protect your customers’ private information. Yes, that’s right—steep fines imposed by regulatory agencies can await those…
Read More

2020 News in Review

Week Ending December 28  ICO Warns SolarWinds Victims to Report Breaches  The United Kingdom’s Information Commissioner’s Office (ICO) has issued a warning to organizations compromised by the SolarWinds breach. The breach, which was carried out by Russian hackers, affected more than 18000 organizations worldwide. ICO requires UK data controllers subject to NIS regulations to report…
Read More
Back To Top