NIST invites comments on Draft Special Publication (SP) 800-207, Zero Trust Architecture, which discusses the core logical components that make up a zero trust architecture (ZTA) network strategy.
NIST invites comments on Draft Special Publication (SP) 800-207, Zero Trust Architecture, which discusses the core logical components that make up a zero trust architecture (ZTA) network strategy. Zero trust refers to an evolving set of network security paradigms that narrows defenses from wide network perimeters to individuals or small groups of resources.
A draft version of that new guidance publicly released June 19 lays out 31 new recommendations for contractors to harden their defenses and protect unclassified (but still sensitive) government data that resides on their networks from advanced persistent threats (APT) or government-sponsored hackers.
U.S. Senator Ron Wyden sent a letter to the National Institute of Standards and Technology (NIST) Director Walter G. Copan urging the agency to develop and issue standards as part of a guidance framework for securely sharing sensitive documents over the Internet.
This update to NIST Special Publication 800-37 (Revision 2) responds to the call by the Defense Science Board, Executive Order 13800, and OMB Memorandum M-17-25 to develop the next-generation Risk Management Framework (RMF) for information systems, organizations, and individuals. There are seven major objectives for this update: Provide closer
Abstract: In recent years, there has been a substantial amount of research on quantum computers – machines that exploit quantum mechanical phenomena to solve mathematical problems that are difficult or intractable for conventional computers. If large-scale quantum computers are ever built, they will be able to break many of the public-key cryptosystems
Abstract: This publication describes a voluntary risk management framework ("the Framework") that consists of standards, guidelines, and best practices to manage cybersecurity-related risk. The Framework's prioritized, flexible, and cost-effective approach helps to promote the protection and resilience of critical infrastructure and other sectors important
The IEEE Software Technology Conference (STC) is a leading software conference that targets software practitioners from industry, government, and academia. The conference provides a forum for leading software practitioners to share opportunities, challenges, and successes. The rich exchange of ideas, technologies, data, and best practices will help