On September 6, 2019, the National Institute of Standards and Technology released a preliminary draft of its Privacy Framework: A Tool for Improving Privacy Through Enterprise Risk Management.
Continue Reading
National Institute of Standards and Technology
NIST Issues Draft Cybersecurity Guidelines for Federal Contractors Holding Highly Sensitive Unclassified Information
Posted on
Posted in Information Security
The National Institute of Standards and Technology’s recently issued draft SP 800-171B guidelines. This blog entry provides an overview of the prospective changes. …
Continue Reading
NIST Seeks Public Comment on Managing Internet of Things Cybersecurity and Privacy Risks
Posted on
Posted in Cybersecurity, Information Security
The U.S. Department of Commerce’s National Institute of Standards and Technology recently announced that it is seeking public comment on Draft NISTIR 8228, Considerations for Managing Internet of Things (IoT) Cybersecurity and Privacy Risks. The document is to be the first in a planned series of publications that will examine specific aspects of the IoT topic.…
Continue Reading
NIST Launches Privacy Framework Effort
Posted on
Posted in Cybersecurity, Information Security
On September 4, 2018, the Department of Commerce’s National Institute of Standards and Technology announced a collaborative project to develop a voluntary privacy framework to help organizations manage privacy risk.…
Continue Reading
GSA to Upgrade Cybersecurity Requirements
Posted on
Recently, the General Services Administration announced its plan to upgrade its cybersecurity requirements in an effort to build upon the Department of Defense’s new cybersecurity requirements that became effective on December 31, 2017.…
Continue Reading
NIST Releases Proposed Updates to Cybersecurity Framework
Posted on
Posted in Cybersecurity
On January 10, 2017, the National Institute of Standards and Technology released proposed updates to the Framework for Improving Critical Infrastructure Cybersecurity, which include a new section on cybersecurity measurement and refinements to better account for authentication, authorization and identity proofing. …
Continue Reading
NIST Releases Privacy Engineering and Risk Management Guidance for Federal Agencies
Posted on
Posted in Information Security
On January 4, 2017, the National Institute of Standards and Technology announced the final release of NISTIR 8062, An Introduction to Privacy Engineering and Risk Management in Federal Systems. NISTIR 8062 describes the concept of applying systems engineering practices to privacy and sets forth a model for conducting privacy risk assessments on federal systems. …
Continue Reading
NIST Issues Guidance on Cybersecurity for Internet-Connected Devices
Posted on
Posted in Cybersecurity, Information Security
On November 14, 2016, the National Institute of Standards and Technology published guidance on cybersecurity for internet-connected devices, Systems Security Engineering: Considerations for A Multidisciplinary Approach in the Engineering of Trustworthy Secure Systems. …
Continue Reading
NHTSA Releases New Automobile Cybersecurity Best Practices
Posted on
The National Highway Safety Administration (“NHTSA”) recently issued non-binding guidance that outlines best practices for automobile manufacturers to address automobile cybersecurity. The guidance, entitled Cybersecurity Best Practices for Modern Vehicles (the “Cybersecurity Guidance”), was recently previewed in correspondence with the House of Representatives’ Committee on Energy and Commerce (“Energy and Commerce Committee”).…
Continue Reading
NHTSA Set to Release New Automobile Cybersecurity Best Practices
Posted on
Posted in Cybersecurity
On October 14, 2016, the National Highway Transportation Administration indicated in a letter to Congress that it intends to issue new best practices on vehicle cybersecurity. This letter came in response to an earlier request from the House Committee on Energy and Commerce that NHTSA convene an industry-wide effort to develop a plan to address vulnerabilities posed to vehicles by On-Board Diagnostics ports. …
Continue Reading