Collaborate Disseminate
Criminals have found to their cost that reducing a device to a pile of rubble means nothing if the internal chips are still in working order. Continue reading NIST tests methods of recovering data from smashed smartphones
How do you ensure you’re compliant with privacy regulations? NIST has released a Privacy Framework to help you get your house in order. Continue reading NIST’s new privacy rules – what you need to know
Here are five myths about the Zero Trust security strategy that could be hindering wider adoption In a highly digitized world, the stakes behind committing a cybercrime have never been higher, with global spending greater than $124 billion on IT produ… Continue reading Myths About Zero Trust Exposed
A vocal senator on U.S. cybersecurity matters wrote on Monday to four government agencies, seeking more information about how they are working to mitigate cyber risk in the health care sector. Sen. Mark Warner, D-Va., asked the agencies how they were working to resolve apparent security vulnerabilities and urged them to provide strategic recommendations on how to fend off attacks in the medical sector. Warner’s office wrote to the Food and Drug Administration, the Department of Health and Human Services, the Centers for Medicare and Medicaid Services and National Institute of Standards and Technology. The letter comes amid ongoing scrutiny over an apparent lack of security at many health care organizations. Hackers have haunted the industry for years, leveraging medical devices to steal valuable personal information or launch highly publicized ransomware attacks. The senator last week asked a number of health care organizations how the federal government can more effectively help rectify […]
The post Security ills of health care sector draw senator’s attention appeared first on CyberScoop.
Continue reading Security ills of health care sector draw senator’s attention
The U.S. government’s standards clearinghouse for science and technology says that an encryption standard it established in 2001 has had an economic impact of a quarter of a trillion dollars over the years, according to a report released Wednesday. The National Institute of Standards and Technology set out in 1997 to find a new encryption algorithm for use in the federal agencies to replace the Data Encryption Standard (DES), the government’s prevailing yet aging standard at the time. The result was the Advanced Encryption Standard (AES), an algorithm born of collaboration from the greater cryptography community. According to the report, commissioned by NIST and prepared by RM Advisory Services, AES has added more than $250 billion in value to the economy since it became available. AES is part of the Federal Information Processing Standards, which agencies across the government use to guide their information security and interoperability. The encryption standard is […]
The post NIST estimates $250 billion economic impact from its encryption standard appeared first on Cyberscoop.
Continue reading NIST estimates $250 billion economic impact from its encryption standard
The National Institute of Standards and Technology on Monday released a much-anticipated update to its Cybersecurity Framework, which provides organizations with guidelines for implementing cybersecurity practices. Updates in Version 1.1 include refreshed guidelines on authentication and identity; cyber risk self-assessments; managing supply chain cybersecurity; and vulnerability disclosure. “This update refines, clarifies and enhances Version 1.0,” said Matt Barrett, program manager for the framework, in the release. “It is still flexible to meet an individual organization’s business or mission needs, and applies to a wide range of technology environments such as information technology, industrial control systems and the Internet of Things.” President Donald Trump issued an executive order in May 2017 directing all federal agencies to use the Cybersecurity Framework, including future versions, to manage cybersecurity risk. Beyond that, the framework also serves as reference point for the private sector. “First, business leaders and policymakers view the Framework as a pillar for managing enterprise […]
The post NIST releases updated cybersecurity framework appeared first on Cyberscoop.
Continue reading NIST releases updated cybersecurity framework
Most organizations only grow in security maturity the hard way — that is, from the intense learning that takes place in the wake of a costly data breach. That may be because so few company leaders really grasp the centrality of computer and network security to the organization’s overall goals and productivity, and fewer still have taken an honest inventory of what may be at stake in the event that these assets are compromised. Continue reading The Value of a Hacked Company
Most organizations only grow in security maturity the hard way — that is, from the intense learning that takes place in the wake of a costly data breach. That may be because so few company leaders really grasp the centrality of computer and network security to the organization’s overall goals and productivity, and fewer still have taken an honest inventory of what may be at stake in the event that these assets are compromised. Continue reading The Value of a Hacked Company
The EFF has raised concerns about how it impacts First Amendment rights to freedom of speech and religion. Continue reading Tattoo recognition technology “raises significant First Amendment questions”