NIST's Ron Ross, one of the world's top information risk thought leaders, says new guidance he co-wrote doesn't dictate how organizations must approach risk assessment, but gives enterprises options ...

NIST has released Special Publication (SP) 800-172A, Assessing Enhanced Security Requirements for Controlled Unclassified Information, to support the protection of controlled unclassified information ...

The National Institute of Standards and Technology finalized assessment procedures to correspond with updated information system security and privacy controls, in its latest special publication ...

SANTA CLARA, Calif.--(BUSINESS WIRE)--AttackIQ®, the leading independent vendor of breach and attack simulation solutions and a founding research partner of the MITRE Engenuity Center for ...

Two cybersecurity compliance and conformance programs - Underwriters Laboratory (UL) 2090 Cybersecurity Assurance Program and the National Institute of Standards and Technology (NIST) Cybersecurity ...

Too many healthcare providers fail to conduct comprehensive, timely risk assessments, as required under HIPAA as well as the HITECH Act, says security consultant Kate Borten, president of The ...

Let’s be real—cybersecurity isn’t just for tech giants or IT departments anymore. In today’s world, every business is fair game. Whether you’re a boutique agency or a fast-scaling startup, cyber ...

NIST-based assessments are a great way to bring IT and leadership onto the same page. They help you turn security into a strategic advantage, not just another budget line item. Final Thoughts: Build ...

The U.S. government is under pressure to improve cybersecurity and is meeting that challenge with a commitment to substantially enhance spending for protecting IT systems. The Obama administration ...

The National Institute for Standards and Technology has published a draft questionnaire that companies and other organizations can use to assess their cybersecurity “maturity” — a response, NIST says, ...

NIST has released draft guidelines on assessing security requirements for controlled unclassified information, and it is inviting organizations to comment. The publication has been developed to help ...