U.S. Critical Infrastructure: Addressing Cyber Threats and the Importance of Prevention

The critical infrastructure of the United States includes all those systems and assets that are essential to the proper functioning, economy, health, and safety of American society. The roads and railways that we travel on; the Internet and the mobile … Continue reading U.S. Critical Infrastructure: Addressing Cyber Threats and the Importance of Prevention

Cybersecurity Frameworks — Types, Strategies, Implementation and Benefits

Organizations around the world are wondering how to become immune from cyber attacks which are evolving every day with more sophisticated attack vectors.

IT teams are always on the lookout for new ransomware and exploit spreading in the wild, but can … Continue reading Cybersecurity Frameworks — Types, Strategies, Implementation and Benefits

WEBINAR: How to Get Enterprise Cyber Security for your Mid-Sized Organization

High-quality cybersecurity posture is typically regarded as the exclusive domain of the large and heavy resourced enterprises – those who can afford a multi-product security stack and a skilled security team to operate it.

This implies a grave risk to… Continue reading WEBINAR: How to Get Enterprise Cyber Security for your Mid-Sized Organization

Why NIST is so popular in Japan

While all organizations around the globe continue to grapple with chronic shortages of qualified cybersecurity workers, Japan is tackling the problem in a significant way by turning to two U.S. government technology frameworks to help manage its own information security manpower shortages. Japanese industry has turned to the National Institute of Standards and Technology’s (NIST) Cybersecurity Framework and National Initiative for Cybersecurity Education (NICE) Workforce Framework in an effort to fill the unique cybersecurity skills gap characteristic of Japanese companies. Speaking at NIST’s Cybersecurity Risk Management Conference in Baltimore, Maryland, Masato Kimura, a manager in the cybersecurity R&D planning department at Japanese telecom giant NTT, said that the NIST workforce framework in particular plays a pivotal role in Japan due to the high level of reliance by Japanese companies on outsourced IT and cybersecurity personnel. In the U.S., around 71.5 percent of IT professionals work in-house, but in Japan, only 24.8 […]

The post Why NIST is so popular in Japan appeared first on Cyberscoop.

Continue reading Why NIST is so popular in Japan

Translating the NCWF: What it Means and Why It Matters to Your Workforce

The theme for week two of National Cyber Security Awareness Month (NCSAM) focuses on what organizations can do to create a culture of cyber security within the workplace, including the …
The post Translating the NCWF: What it Means and Why It Matters… Continue reading Translating the NCWF: What it Means and Why It Matters to Your Workforce

With flexibility in mind, NIST unveils latest draft of cyber framework

The new version of the federal Cybersecurity Framework being drafted at the National Institute of Standards and Technology will be “backwards compatible,” a workshop at the agency’s Gaithersburg, Maryland, headquarters was told Tuesday. It means organizations already using version 1.0 will be able to seamlessly adopt the new draft, NIST’s Matthew Barrett told attendees. As a result, he said, there would be less flexibility to tinker with the higher level concepts in the framework, like the five key functions that make up its core: identify, protect, detect, respond and recover. But each function is divided and subdivided and there’s more flexibility to add or delete concepts at those levels, Barrett explained. Adding or removing is fine, but “moving items to a different place in the conceptual framework” will break most implementations, he said, because companies or other organizations using it will have aligned their business processes with the structure in 1.0. Nonetheless, attendees […]

The post With flexibility in mind, NIST unveils latest draft of cyber framework appeared first on Cyberscoop.

Continue reading With flexibility in mind, NIST unveils latest draft of cyber framework

HHS working on cyber guidelines for health industry

The U.S. Department of Health and Human Services, taking a cue from Congress, has begun developing principles and best practices for cybersecurity in health care, officials said Tuesday. “We had an information day … and we are kicking off next week,” said Julie Anne Chua, from the office of the department’s chief information officer. She spoke at a cybersecurity workshop at the National Institute of Standards and Technology. Section 405d of the 2015 Cybersecurity Act — passed as part of the massive omnibus appropriations nearly 18 months ago — is titled “Aligning health care industry security approaches.” It mandates the HHS secretary “to lead a task group to put together a set of voluntary, consensus-based principles and best practices for cybersecurity in the health sector,” explained Chua. As the law requires, it will be consistent with the NIST Cybersecurity Framework and the privacy and security provisions of the Health Insurance Portability and […]

The post HHS working on cyber guidelines for health industry appeared first on Cyberscoop.

Continue reading HHS working on cyber guidelines for health industry