Information Security newsfeeds from around the world in English and French. Find it all in one place since 2004. You'll find online the last 5 years.
The NIST compliance framework consists of 5 core functions: identify, protect, detect, respond and recover. In my previous column, I mapped threat intelligence capabilities to the NIST core function of Identify. In this column, I will continue the discussion by mapping threat intelligence to the additional functions of Protect, Detect and Respond. By doing so, […]
Continue ReadingTogether with the National Cybersecurity Center of Excellence (NCCoE), the National Institute of Standards and Technology (NIST) has released a series of practice guides that focuses on data integrity. Data integrity is the property that records have not been altered in an unauthorized manner. Tripwire is very proud to have contributed and collaborated with other […]
Continue ReadingAnd THIS is why you don’t knit your own home-made encryption algorithms and hope no one looks at them.
Continue ReadingThe U.S. Department of Commerce’s National Institute of Standards and Technology (NIST) has chosen the first group of quantum-resistant encryption tools, designed to withstand the assault of a future quantum computer, which could potentially crack the security used to protect privacy in the digital systems we rely on every day — such as online banking […]
Continue ReadingPost-Quantum Cryptography Standardization: A New Milestone In some of our previous posts, we have already touched upon why the development of quantum computers poses challenges to the field of information security and how the standardisation bodies, most notably NIST, prepare for the post-quantum era of computing. This process reached its next milestone yesterday when NIST […]
Continue ReadingThe U.S. Department of Commerce’s National Institute of Standards and Technology (NIST) has chosen the first group of quantum-resistant encryption tools, designed to withstand the assault of a future quantum computer, which could potentially crack the security used to protect privacy in the digital systems we rely on every day — such as online banking […]
Continue ReadingModern goods and services rely on a supply chain ecosystem, which are interconnected networks of manufacturers, software developers, and other service providers. This ecosystem provides cost savings, interoperability, quick innovation, product feature diversity, and the freedom to pick between rival providers. However, due to the many sources of components and software that often form a final […]
Continue ReadingThe National Institute of Standards and Technology (NIST) has released updated guidance for defending against supply-chain attacks. The National Institute of Standards and Technology (NIST) has released updated guidance for defending against supply chain attacks. NIST has published the “Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations” in response to the Executive Order […]
Continue ReadingThe National Institute of Standards and Technology (NIST) has updated its guidance document for helping organizations identify, assess and respond to cybersecurity risks throughout the supply chain. “[Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations (C-SCRM)] encourages organizations to consider the vulnerabilities not only of a finished product they are considering using, but […]
Continue ReadingWith the CIA Triad, confidentiality commands much of the attention. Organizations fret over the unauthorized disclosure of their data, so they try to reduce the risks of that type of an incident. In so doing, however, enterprises commonly overlook the other two, integrity in particular. Ron Ross, a fellow at the National Institute of Standards […]
Continue Reading