NIST invites comments on Draft Special Publication (SP) 800-207, Zero Trust Architecture, which discusses the core logical components that make up a zero trust architecture (ZTA) network strategy. Read More
Digest Article
Topic: National Institute of Standards and Technology (NIST)
Reference Document
NIST Invites Comments on Draft Special Publication (SP) 800-207, Zero Trust Architecture
NIST invites comments on Draft Special Publication (SP) 800-207, Zero Trust Architecture, which discusses the core logical components that make up a zero trust architecture (ZTA) network strategy. Zero trust refers to an evolving set of network security paradigms that narrows defenses from wide network perimeters to individuals or small groups of resources. Read More
Digest Article
NIST Working on Industrial IoT Security Guide for Energy Companies
The U.S. National Institute of Standards and Technology (NIST), through its National Cybersecurity Center of Excellence (NCCoE), this week announced that it's working on a project whose goal is to help the energy sector secure industrial Internet of Things (IIoT) systems. Read More
Digest Article
NIST’s Ron Ross on the State of Cyber: ‘We Literally are Hemorrhaging Critical Information’
After Chinese hackers infiltrated a Navy subcontractor's computer network and stole a trove of highly sensitive data on submarine warfare, it spurred the government to revise the standards that contractors must follow to ensure government data is properly protected data. Read More
Podcast
Meeting DFARS Controlled CUI Compliance
Defense Federal Acquisition Regulation Supplement (DFARS) established guidelines that required all government contractors to establish a program to protect Controlled Unclassified Information (CUI). All federal contractors were required to meet DFARS minimum security standards by December 31, 2017 or risk losing their DoD contracts. The CSIAC webinar that Read More
Reference Document
NIST Releases Draft Update of the Risk Management Framework: Special Publication 800-37 Revision 2
This update to NIST Special Publication 800-37 (Revision 2) responds to the call by the Defense Science Board, Executive Order 13800, and OMB Memorandum M-17-25 to develop the next-generation Risk Management Framework (RMF) for information systems, organizations, and individuals. There are seven major objectives for this update: Provide closer Read More
Reference Document
Report on Post-Quantum Cryptography
Abstract: In recent years, there has been a substantial amount of research on quantum computers – machines that exploit quantum mechanical phenomena to solve mathematical problems that are difficult or intractable for conventional computers. If large-scale quantum computers are ever built, they will be able to break many of the public-key cryptosystems Read More
Reference Document
Framework for Improving Critical Infrastructure Cybersecurity Version 1.1
Abstract: This publication describes a voluntary risk management framework ("the Framework") that consists of standards, guidelines, and best practices to manage cybersecurity-related risk. The Framework's prioritized, flexible, and cost-effective approach helps to promote the protection and resilience of critical infrastructure and other sectors important Read More
Podcast
CS Digest Roundtable #2: Meltdown/Spectre, NIST Framework, GDPR Policy, and Romanian Hackers
In today's episode the CSIAC takes the most important articles in a past CS Digest and discusses the articles' importance in the world of technology and cyber security. Read More
CSIAC Webinar
Meeting DFARS Controlled Unclassified Information (CUI) Compliance Standards for Federal Contractors
Defense Federal Acquisition Regulation Supplement (DFARS) established guidelines that required all government contractors to establish a program to protect Controlled Unclassified Information (CUI). All federal contractors were required to meet DFARS minimum security standards by December 31, 2017 or risk losing their DoD contracts. This webinar will detail Read More
