Collaborate Disseminate
The NIST Cybersecurity Framework changed the way we think about security. Will NIST’s Privacy Framework have the same effect? Happy fifth anniversary to the NIST Cybersecurity Framework. When it was issued in February 2014, the goal of the Cyber… Continue reading Will the NIST Privacy Framework Change How We Approach Privacy?
When it comes to protecting the federal government from cyberattacks, simplicity is not that simple. That was the underlying message Monday during multiple panels at RSA Public Sector conference in San Francisco, where government cybersecurity experts and the federal contractors that carry out the government’s cybersecurity operations discussed why things are currently complicated and what it will take to make things easier. The government’s ongoing embrace of the cloud is helping move things in the right direction, but because agencies often follow a hybrid cloud model, watching over a government enterprise is still a highly complex task. Kevin Cox, the program manager for the Department of Homeland Security’s Continuous Diagnostics and Monitoring program, said Monday that it’s a challenge to ascertain exactly how each agency has its enterprise configured. “From our perspective, CDM is working with civilian agencies to have a foundation in place to have the proper visibility on […]
The post The struggle with simplifying the government’s cybersecurity efforts appeared first on CyberScoop.
Continue reading The struggle with simplifying the government’s cybersecurity efforts
In January, CyberSaint CEO George Wrenn penned his thoughts on the impact of the government shutdown. In his post, George foresaw the outcome of the shutdown not being a future talent shortage for government cybersecurity position but a brain drai… Continue reading Government Shutdown Cybersecurity Outcomes – Three Weeks Out
The cybersecurity skills gap is nothing new to the seasoned cyber professional. It has been widely discussed in cyber and information security circles for some time. The main flag that many, including TechCrunch, are currently citing as an indicat… Continue reading The Cybersecurity Skills Gap: The Defining Skills Shortage of Our Age
The Washington, D.C., area’s Metro system, in response to U.S. senators who raised security concerns about a new line of railcars, now says it will use the National Institute of Standards and Technology’s cybersecurity framework to vet software and hardware proposed for the project. Bidders on the railcar procurement, worth an estimated $1 billion and covering up to 800 railcars, also will have to show evidence that a third party tested their software or hardware, Washington Metropolitan Area Transit Authority CEO Paul J. Wiedefeld said Wednesday. The NIST framework — used widely throughout other industries and government agencies — is a key part of the updated request for proposal, Wiedefeld wrote in a letter to Democratic senators from Virginia and Maryland. “We are confident that these approaches will impose appropriate controls that limit any malicious actor’s ability to embed malware and for WMATA to monitor and enforce security requirements,” Wiedefeld wrote to […]
The post D.C. Metro system beefs up supply-chain cybersecurity provisions for new railcars appeared first on CyberScoop.
Continue reading D.C. Metro system beefs up supply-chain cybersecurity provisions for new railcars
As organizations continue to embrace digitization, security teams are faced with the challenge of keeping the enterprise secure while empowering growth and innovation. Many CISO’s today are faced with developing digital risk management strat… Continue reading Digital Risk Management Frameworks
There has been a great deal of speculation around the cybersecurity posture of the nation in light of the most recent (and longest documented) government shutdown. I’ve seen two main concerns arise within the cyber community speculating… Continue reading The Cybersecurity Impact Of The Government Shutdown Is Not What You Think
You’ve SOC 2-ed from here to eternity, and you’ve got GDPR in the bag, but if you’re truly focused on security maturity, you know that your work is never done. So, what’s next? Perhaps it’s time to focus on the National In… Continue reading What is the NIST Cybersecurity Framework?
Enterprise CIOs and CISOs face a constant barrage of challenges, often leaving them little choice but to rely on best-of-breed products to shore up their organization’s cybersecurity posture. In today’s fast-changing threat landscape, however, that can be a dangerous gamble. Whether you’re trying to modernize your IT, lower your operating costs or improve cybersecurity, how you build your network is often the determining factor in whether you succeed or fail. A new CyberScoop Tech Brief, sponsored by Cisco, explores how taking advantage of modern, sensor-aware servers, switches, routers and security devices not only enables a holistic cybersecurity strategy, but also lowers operating costs and improves performance. Realizing the potential modernization and cybersecurity improvements promised by the passage of the Modernizing Government Technology (MGT) Act calls for agencies and commercial enterprises alike to recognize that the key place to start is with the network. Strategically enabling the security features of existing […]
The post Tech Brief: Leveraging your network to fortify cybersecurity appeared first on Cyberscoop.
Continue reading Tech Brief: Leveraging your network to fortify cybersecurity
The National Institute of Standards and Technology (NIST) is known for its NIST Cybersecurity Framework, a set of voluntary best practices aimed at strengthening the protection of our nation’s critical infrastructure. Since NIST first unveiled the fram… Continue reading A NIST Framework That’s Not Like the Others