January 30, 2024

The initial public draft of NIST Internal Report (IR) 8504, Access Control on NoSQL Databases, is now available for public comment. The deadline to submit comments is March 15, 2024.

May 10, 2024

NIST IR 8498 initial public draft, "Cybersecurity for Smart Inverters: Guidelines for Residential and Light Commercial Solar Energy Systems," is open for comment through June 10, 2024.

CCM v4.0 Addendum - ECUC PP v2.1
Release Date: 02/12/2024

This document is an addendum to the ECUC Position Paper v2.1 (ECUC PP v2.1) that contains a controls mapping between the CSA CCM v4.0 and the ECUC PP v2.1. ...
Cloud Controls Matrix and CAIQ v4
Release Date: 05/08/2024

The Cloud Controls Matrix (CCM) is a cybersecurity control framework for cloud computing that is aligned to CSA best practices and is considered the de facto s...
Blog

ANSI and the International Society of Automation Explained

As technologies advance and the world grows more complicated, collaboration and coordination have become increasingly important. Setting standards, sharing information, and bringing experts together are essential to safely developing technologies for national and global priorities, and the world needs organizations to fulfill this role. The American National Standards Institute (ANSI) and the...
Blog

How Does PCI DSS 4.0 Affect Web Application Firewalls?

The payment industry is bracing for the transition to Payment Card Industry Data Security Standard (PCI DSS) 4.0, heralding significant changes in cybersecurity practices. As we approach the implementation of this revised standard, a critical focal point emerges: the role and new mandate of web application firewalls (WAFs) in ensuring compliance. The shift from a best practice to a prescribed...

NIST will host a workshop on the development of a new block cipher mode of operation on June 20-21, 2024, at the National Cybersecurity Center of Excellence in Rockville, Maryland. Workshop Announcement/Call for Abstracts (PDF)
May 15, 2024

NIST's Crypto Publication Review Board is proposing to revise Special Publication (SP) 800-135 Revision 1, "Recommendation for Existing Application-Specific Key Derivation Functions." Submit public comments through Friday, June 14, 2024.

The Iris Experts Group (IEG) will hold its annual meeting on Thursday, June 13, 2024. The meeting will be virtual, using the Zoom Meeting platform. It is a full-day meeting with breaks scattered through the day. The IEG is a forum for the
Speakers: To be announced. Synopsis: Join us for an insightful webinar exploring refugees' invaluable contributions to the cybersecurity landscape. The demand for skilled cybersecurity professionals continues to grow in today's rapidly evolving

FedTalks

Jun 5, 2024

Andrew Mellon Auditorium

Blog

The Impact of NIST SP 800-171 on SMBs

From broader laws like GDPR to industry-specific regulations like HIPAA, most organizations today must comply with some kind of data protection guideline. Some businesses may even have to comply with numerous data protection regulations. As such, compliance with data protection regulations has become increasingly complicated. National Institute of Standards and Technology Special Publication...
Confronting Shadow Access Risks: Considerations for Zero Trust and Artificial Intelligence Deployments
Release Date: 05/06/2024

Shadow Access, a growing concern within cloud computing and Identity and Access Management (IAM), refers to unintended, unauthorized access to systems and...

Blog

So You Want to Achieve NERC CIP-013-1 Compliance...

Energy efficiency and availability are major concerns for all countries and governments. The electric grid is a vital sector, and any malfunction will create ripple effects on a nation’s economy. As the grid is heavily dependent on cyber-enabled technologies and a vast chain of suppliers, contractors, and partners, the ability to safeguard the availability and reliability of the grid is crucial...
Standardizing Security in Diverse Sectors: A Template for STAR-Aligned Sector-Specific Standards
Release Date: 03/06/2024

The CSA Security, Trust, Assurance, and Risk (STAR) program encompasses the key principles of transparency, rigorous auditing, and harmonization of cybers...

Blog

The Dangers of Default: Cybersecurity in the Age of Intent-Based Configuration

Technology has recently been evolving at the speed of light. We have seen the onset of increased cyber threats across all industries. Gone are the times when threat actors had a specific goal and target. We now live in an age where robots collect, collate, and save information for a more opportune and profitable day. It is ever more important to understand the security measures individuals and...
April 3, 2024

The initial public draft of Special Publication (SP) 800-61r3 (Revision 3), "Incident Response Recommendations and Considerations for Cybersecurity Risk Management: A CSF 2.0 Community Profile," is available for public comment, with comments due by May 20, 2024.

Saw many tools which help with assessment of CMMC and NIST compliance. Did anyone come across documentation or a tool which lists remediation plans to meet (or exceed) the security requirements?

For example, many requirements can be met with deploying policies, some with tools or process.

Thanks in advance for your help.

submitted by /u/Aggravating_Sea_2944
CMMC, Compliance, Cybersecurity
May 19, 2024

Unpacking POA&Ms: Guidelines and Limitations for CMMC Compliance

Whether you are learning about Cybersecurity Maturity Model Certification (CMMC) or already started a System Security Plan (SSP) and self-assessment, […]
