The National Institute of Standards and Technology (NIST) released the finalized version of NIST Special Publication (SP) 800-53B on October 29, which updates the security baselines under SP 800-53’s Revision 5 process. […]

Ron Ross has seen a lot during his 30-year career in cybersecurity, so asking him to pinpoint new cyber threats is a little like asking Tom Brady to talk about a blitz he has not faced during his NFL tenure. […]

While Congress has been slow to act on privacy issues, the National Institute of Standards and Technology (NIST) is getting out ahead of any Federal legislation when it comes to addressing the matter. […]

Software Development Operations, or DevOps, can go by many names. DevSecOps, inserts Security into the equation while DevSecEthOps throws ethics into the mix, but ultimately the goal of the process is to build secure software – fast. […]

DevSecOps, or development security operations, is not a term that rolls off the tip of your tongue in an “agile” way, but it is a process that is gaining momentum across the Federal government. […]

The National Institute of Standards and Technology (NIST) is working on a DevOps guidance with an emphasis on the inclusion of security into the process.  […]

Federal and Defense officials spoke at today’s Billington Cybersecurity Summit about procurement cybersecurity challenges they face and the initiatives they’ve launched to combat those hurdles by shifting toward a “security first” approach to acquisition and supply chain management. […]

The National Institute of Standards and Technology (NIST) has released draft two of Special Publication (SP) 800-160 Volume 2: Developing Cyber Resilient Systems. NIST Is seeking public comments on the draft through Nov. 1. […]

The National Institute of Standards and Technology (NIST) will be releasing the second volume of an engineering-based guidance that aims at assisting organizations with Advanced Persistent Threats (APT) on September 5, 2019. […]

Cybersecurity training and education programs need to emphasize systems engineering perspectives in order to fully understand system vulnerabilities, said leaders from the National Institute of Standards and Technology (NIST) during an Oct. 10 webinar hosted by the agency’s National Initiative for Cybersecurity Education (NICE). […]

The National Institute of Standards and Technology today announced the release of the final public draft of its Risk Management Framework (RMF), opening the newly-revised document to one more round of public comment before the RMF is expected to be finalized by the end of the year. […]

Federal agencies should reduce complexity to fight back against cybersecurity threats, government and private sector participants said during a panel at FCW’s Cybersecurity Summit. […]

Though new initiatives like the Cybersecurity Executive Order cover many of the same issues tackled by past administrations, the focus on IT modernization will make a big difference in actually improving cybersecurity, according to Barry West, senior adviser and senior accountable official for risk management at the Department of Homeland Security. […]

The Unisys 2017 Security Index found that public concern over Internet security has increased more than any other security concern since their 2014 survey. “Our biggest percentage increase was in viruses, malware, and hacking activities,” said Bill Searcy, Unisys vice president of global justice, law enforcement, and border security. […]

The latest iteration of President Donald Trump’s executive order on cybersecurity will probably require Federal agencies to use the National Institute of Standards and Technology’s framework, according to Ron Ross, a fellow at NIST. […]

Technology developers and government agencies know how to incorporate cybersecurity into their products, but the question is whether they have the will to do it, according to National Institute of Standards and Technology fellow Ron Ross. […]

The division between Internet of Things developers and IT and cybersecurity experts is one of the core problems in securing IoT devices, according to government and industry experts. […]

The National Institute of Standards and Technology aims to improve communication with non-Federal systems containing Federal data through updates to its guidelines “Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations,” also referred to as 800-171. […]