Cybersecurity National Institute of Standards and Technology Cybersecurity Framework

Cybersecurity is a term used to describe methods and systems for protecting sensitive information in the electronic sphere. As more financial, business, and personal information becomes exclusively maintained and... more +
Cybersecurity is a term used to describe methods and systems for protecting sensitive information in the electronic sphere. As more financial, business, and personal information becomes exclusively maintained and stored electronically, the risks of attacks, leaks, and disclosures become more pronouced. The concept of Cybersecurity encompasses a broad array of issues, including governmental regulations to ward off cyber terrorists, industry data collection and maintenance practices, and consumer advocacy to ensure the privacy of individuals' personal and medical information.     less -
News & Analysis as of

NIST Releases Draft Update to Cybersecurity Framework

The National Institute of Standards and Technology (NIST) has released its first draft update to its 2014 Framework for Improving Critical Infrastructure Cybersecurity. The Framework was designed to provide guidance for...more

"Privacy & Cybersecurity Update - January 2017"

In this edition of our Privacy & Cybersecurity Update, we discuss how the prospect of a new chair and three new commissioners at the FTC may impact the agency's approach to cybersecurity regulation, a new Massachusetts...more

NIST’s Draft Update to Cybersecurity Framework Focuses on Third-Party Vendors and the Cost-Effectiveness of Cybersecurity Programs

On January 10, 2017, the National Institute of Standards and Technology (“NIST”) released a proposed update to its popular cybersecurity blueprint for organizations and businesses, known as the Framework for Improving...more

What Did They Say About Cybersecurity in 2016? 8 Proclamations from Regulators and the Courts

There is no such thing as compliance with the NIST Cybersecurity Framework (FTC). In September, the FTC dispelled a commonly held misconception regarding the NIST Framework: It “is not, and isn’t intended to be, a standard or...more

NIST Updates Cybersecurity Framework Guidance

In the past month, the National Institute of Standards and Technology (NIST) has issued a draft update to its flagship cybersecurity framework as well as new standalone guidance on how organizations can plan to recover from...more

NIST Releases Update to Cybersecurity Framework

The National Institute of Standards and Technology (NIST) has issued an update to its Framework for Improving Critical Infrastructure Cybersecurity, which includes information relating to managing supply chain risks,...more

Privacy Alert: NIST Updates Cybersecurity Framework to Address Supply Chain Security

Last week, the National Institute of Standards and Technology (NIST), a measurement standards laboratory in the United States Department of Commerce, released draft version 1.1 of its Framework for Improving Critical...more

Presidential Commission Releases Cybersecurity Report And Recommendations

On December 1, 2016, the Commission on Enhancing National Cybersecurity issued its final report with a series of recommendations for the incoming administration on strengthening the country’s cybersecurity. As explained...more

NIST Cybersecurity Framework

Businesses today have their work cut out for them. Small or large, no organization is immune from cybersecurity threats. Added pressures arise from stepped up government regulatory oversight and enforcement that targets an...more

NIST and USCG Issue New Maritime Industry Cybersecurity Profile

In 2013, President Obama issued Executive Order 13636 and directed the Director of the National Institute of Standards and Technology (NIST) to “lead the development of a framework to reduce cybersecurity risks to critical...more

NIST Releases Draft NICE Cybersecurity Workforce Framework

We consistently comment about the importance of educating the next generation of students on cybersecurity. The earlier the better, as far as I am concerned-as early as the third grade. There is a dearth of cybersecurity...more

Draft Cybersecurity Self-Assessment Tool Published

The National Institute of Standards and Technology (NIST) recently published a draft cybersecurity self-assessment tool entitled “The Baldrige Cybersecurity Excellence Builder,” which provides organizations with a tool to...more

FTC Round-Up: NIST Framework Compliance Is Not Enough and Looming Ransomware Enforcement Activity

On August 31st and September 7th, 2016, the Federal Trade Commission (FTC) provided guidance regarding cybersecurity standards, which companies should consider when assessing their current data security posture....more

FTC Makes Clear that NIST Cyber Framework is Not a Cure-All

Last week, the FTC published a blog post titled The NIST Cybersecurity Framework and the FTC, in which the agency issued a nuanced answer to an oft-asked question: “If I comply with the NIST Cybersecurity Framework, am I...more

NIST and FAIR develop tool to merge cybersecurity risk standards

One key issue when developing a cybersecurity protocol for your business is ensuring compliance with industry standards to protect your business and adequately address cybersecurity risks. Fail to comply with the standard for...more

House Committee Asks NIST To Improve Cybersecurity For Retailers, Internet Of Things

On June 7, 2016, the House of Representatives’ Committee on Appropriations (the “Committee”) reported out a funding bill that would fund the National Institute of Standards and Technology (“NIST”) to work with the retail...more

New Guidance Maps HIPAA Security Rule to NIST Cybersecurity Framework to Help Providers Manage Cybersecurity Risk

In a world of looming data breaches and significant penalties for the release of protected health information, the complexities of cybersecurity and compliance with the HIPAA Security Rule can be incredibly daunting. In 2014,...more

Blog: HHS Releases Crosswalk Between HIPAA Security Rule and NIST Framework

The U.S. Department of Health and Human Services (HHS), Office of Civil Rights (OCR) recently released a “crosswalk” developed with the National Institute of Standards and Technology (NIST) mapping the Health Insurance...more

CFTC’s New Proposed Rules Mandate Extensive Cybersecurity Testing; Comments Due Feb. 22, 2016

On December 16, 2015, the Commodity Futures Trading Commission (“CFTC”) released two Notices of Proposed Rulemaking (“NPRMs” or “Proposed Rules”) that would, if finalized, supplement existing regulations covering the...more

FDA Issues Draft Guidance Governing Postmarket Cybersecurity Risk Management Standards

On January 15, 2016, the U.S. Food and Drug Administration (FDA) announced in a Press Release that it would issue draft guidance on January 22 outlining “steps medical device manufacturers should take to continually address...more

Recent Government Cyber Alert and Draft Guide for Financial Institutions: Lessons for All Organizations

All organizations, including financial institutions, continue to face significant security threats across their wide ranging IT systems. Such organizations are particularly vulnerable if they cannot track networked devices...more

What the Recent NAIC Financial Condition Examiners Handbook Changes Mean for Insurers

On September 21, 2015, the National Association of Insurance Commissioners (NAIC) IT Examination Working Group adopted amendments to the IT section of the Financial Condition Examiners Handbook (“the Handbook”). The changes...more

Disclosure Of Numerous Hacks At The U.S. Department Of Energy Renews Cybersecurity Concerns In The Energy Sector

Records produced by the U.S. Department of Energy (“DOE”) to USA TODAY under a Freedom of Information Act request revealed over 150 successful cyber intrusions into DOE computer systems between 2010 and 2014. Concerns about...more

FTC Can Regulate Cybersecurity Practices, Third Circuit Rules

The Federal Trade Commission (FTC) can regulate cybersecurity policies and procedures as “unfair” acts or practices under Section 5 of the FTC Act, the U.S. Court of Appeals for the Third Circuit has ruled in a very important...more

Security Frameworks 101: Which is Right for my Organization?

These days information security is on the minds of virtually all technology professionals and business executives alike. But how does an organization ensure that their security profile is adequate. It can certainly help to...more

111 Results
|
View per page
Page: of 5
Popular Topics

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.

Already signed up? Log in here

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×