DevSecOps Defined
Last Updated on April 4, 2023 Now well into its second decade, DevOps—the union of development and operations teams and
The post DevSecOps Defined appeared first on Pivot Point Security.
NIST
Steps CISA should take in 2023
Recently, I was asked to imagine that I had been granted an hour with top officials at the Cybersecurity and Infrastructure Security Agency (CISA) – what advice would I offer to help it have an even bigger impact in 2023 and beyond? It was only i…
NIST chooses encryption algorithms for lightweight IoT devices
ASCON is the name of the group of lightweight authenticated encryption and hashing algorithms that the U.S. National Institute of Standards and Technology (NIST) has chosen to secure the data generated by Internet of Things (IoT) devices: implanted med…
MITRE CREF Navigator empowers enterprises to improve cyber resiliency strategies
MITRE released the Cyber Resiliency Engineering Framework (CREF) Navigator — a free, visualization tool that allows organizations to customize their cyber resiliency goals, objectives, techniques, as aligned with NIST SP 800-160, Volume 2 (Rev. 1), Nat…
Cyber Insights 2023: Quantum Computing and the Coming Cryptopocalypse
The cryptopocalypse is the point at which quantum computing becomes powerful enough to use Shor’s algorithm to crack PKI encryption.
The post Cyber Insights 2023: Quantum Computing and the Coming Cryptopocalypse appeared first on SecurityWeek.
NIST Is Updating Its Cybersecurity Framework
NIST is planning a significant update of its Cybersecurity Framework. At this point, it’s asking for feedback and comments to its concept paper.
- Do the proposed changes reflect the current cybersecurity landscape (standards, risks, and technologies)?
- Are the proposed changes sufficient and appropriate? Are there other elements that should be considered under each area?
- Do the proposed changes support different use cases in various sectors, types, and sizes of organizations (and with varied capabilities, resources, and technologies)?
- Are there additional changes not covered here that should be considered?
…
Mapping Threat Intelligence to the NIST Compliance Framework Part 2
How threat intelligence is critical when justifying budget for GRC personnel, and for threat intelligence, incident response, security operations and CISO buyers.
The post Mapping Threat Intelligence to the NIST Compliance Framework Part 2 appeared first on SecurityWeek.
10 Things You Might Not Know About Cyber Essentials
IASME delivers Cyber Essentials on behalf of UK NCSCBy Sam Jones | Cyber Tec Security and Dave WhiteleggWhat is Cyber Essentials? If you are just hearing about the Cyber Essentials scheme, read on as we unpack 10 things y…