Security | Threat Detection | Cyberattacks | DevSecOps | Compliance



NIST Cybersecurity Framework - All You Need To Know

The advent of technology and its latest innovations has come with its own challenges in the form of cyber attacks, and data theft, and protecting themselves from them is a task for most organizations and if not done properly, can leave the organizations vulnerable. This Blog Includes show What is NIST cybersecurity framework? All About NIST Why Is NIST Important? Make your Website / Web Application the safest place on the Internet.


What is NIST 800-161? Guide & Compliance Tips

NIST 800-161 — also identified as NIST Special Publication (SP) 800-161 — was published in April 2015 as Supply Chain Risk Management Practices for Federal Information Systems and Organizations. In May 2022, a year after President Biden’s Executive Order on Improving the Nation’s Cybersecurity, NIST produced a revised version, NIST 800-161 rev. 1 Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations.


New Feature: NIST CSF Mitigation Recommendations

Does your organization currently speak in the NIST framework language? Say bye-bye to manual mapping and say HELLO to filling out inputs in the NIST CSF framework. This new release helps security teams better align with the organization’s internal communications around security controls. We know that staying consistent with the company’s terminology can better help you achieve your goals.


Five Things to Know About the NIST CSF 2.0

The National Institute of Standards and Technology’s (NIST) Cybersecurity Framework (CSF) is undergoing a major update. Originally released in 2014, the NIST CSF is one of the most widely used cybersecurity frameworks helping organizations understand and manage their cybersecurity risk. NIST is currently updating the CSF to align with the latest cybersecurity trends and best practices, with the expected release date of the CSF 2.0 slated for the first quarter of 2024.

Ensure a secure IT environment with integrated network vulnerability management

NIST's National Vulnerability Database shows a quintuple increase in attacks against firmware in the last four years. These statistics indicate that cyber criminals have continually improved their techniques in penetrating your network via firmware vulnerabilities. To combat these malicious actions, let's first discuss the components that are vulnerable to these attacks.
Arctic Wolf

NIST SP 800-171: What You Need to Know

Like many industries, the federal government and the Department of Defense (DoD) are more digital, more dispersed, and work with more third parties than ever before. This shift means that information the departments deal with, referred to as controlled unclassified information, needs to be protected due to its high value.


A Quantum Arms Race in Cybersecurity

In 2001, NIST (the US National Institute of Standards and Technology) announced Advanced Encryption Standard (AES), a new encryption standard, designed to help organisations enhance protections against brute force attacks. The previous Data Encryption Standard (DES) had become vulnerable, with processing power growing, and the Electronic Frontier Foundation (EFF) had proved that DES encryption could be broken in less than 24 hours, therefore a new encryption standard was required.


How Trustwave Uses the NIST Framework to Inform Strategy and Mitigate Cybersecurity Risk

The National Institute of Standards and Technology’s (NIST) Cybersecurity Framework (CSF) is one of several “gold level” standards used by public and private organizations as the basis for their cybersecurity protocols. It is also the benchmark utilized by Trustwave to protect our clients. NIST rolled out the CSF in 2014 as a set of guidelines for mitigating organizational cybersecurity risks.


NIST Password Guidelines

Since 2014, the National Institute of Standards and Technology (NIST), a U.S. federal agency, has issued guidelines for managing digital identities via Special Publication 800-63B. The latest revision (rev. 3) was released in 2017, and has been updated as recently as 2019. Revision 4 was made available for comment and review; however, revision 3 is still the standard as of the time of this blog post.