NIST Archives - | ̽��Ƶ

Beyond “Checklist” Compliance: Resilience in Healthcare Cybersecurity

Keren de Via — Wed, 22 Apr 2026 14:40:42 +0000

For healthcare and medical institutions, dealing with sensitive information comes with the territory of patient care. In 1996, The Health Insurance Portability and Accountability Act (HIPAA) set several regulations for protecting patient privacy; however, it has few guidelines with how … Continue reading →

The post Beyond “Checklist” Compliance: Resilience in Healthcare Cybersecurity appeared first on | ̽��Ƶ.

Why Supply Chain Risk Management is Now a Public Sector Resilience Priority

Jeff Ladner — Tue, 31 Mar 2026 18:00:08 +0000

From ransomware disrupting city services to vendor failures impacting school operations, supply chain failures seem to be dominating the headlines lately. Naturally, whether your organization is in the Private or Public Sector, you’ll want to avoid attracting attention for the … Continue reading →

The post Why Supply Chain Risk Management is Now a Public Sector Resilience Priority appeared first on | ̽��Ƶ.

Removing Complexity from Compliance: Buoyant and TestifySec

Abby Costin — Wed, 04 Feb 2026 21:23:16 +0000

Traditionally, achieving an Authorization to Operate (ATO) has been a grueling marathon. It often demands expensive consulting fees, lengthy manual documentation and no clear visibility into where your architecture actually stands against NIST 800-53 requirements. For organizations running cloud-native architectures … Continue reading →

The post Removing Complexity from Compliance: Buoyant and TestifySec appeared first on | ̽��Ƶ.

The Process-Oriented View: CISO Visibility During an OT Attack

Michael G. "Schu" Schumacher — Thu, 13 Nov 2025 20:39:26 +0000

When a cyber incident occurs in an operational technology (OT) environment, understanding what is actually happening can become difficult. Control systems may continue to display normal readings even if attackers have begun manipulating logic or feedback within Programmable Logic Controllers … Continue reading →

The post The Process-Oriented View: CISO Visibility During an OT Attack appeared first on | ̽��Ƶ.

Preparing Federal Systems for Post-Quantum Security: A Strategic Approach

Gina Scinta — Mon, 09 Jun 2025 17:51:58 +0000

Federal agencies face an urgent timeline to protect their most sensitive data from quantum computing threats. Quantum computers leverage physics principles like superposition and entanglement to perform calculations faster than classical computers, posing a significant threat to current encryption standards. … Continue reading →

The post Preparing Federal Systems for Post-Quantum Security: A Strategic Approach appeared first on | ̽��Ƶ.

From Concept to Implementation: Operationalizing Zero Trust Architecture in Government Environments

Norman Wong — Tue, 27 May 2025 18:29:04 +0000

Zero Trust has evolved over the last 15 years into a cornerstone of Federal cybersecurity strategy, influencing enterprises as well as State and Local Governments. While the principles of continuous authentication and least privilege are widely accepted, many organizations still … Continue reading →

The post From Concept to Implementation: Operationalizing Zero Trust Architecture in Government Environments appeared first on | ̽��Ƶ.

Modern Fraud Threats in Government Relief Programs: How Agencies Can Defend Against Cybercrime

Joe Rogers — Tue, 20 May 2025 13:28:06 +0000

A recent investigation by CBS News’ “60 Minutes” has highlighted a significant issue: organized crime rings, often operating from overseas, are using stolen identities to steal billions of dollars from the U.S. Federal and State programs. These sophisticated fraud schemes … Continue reading →

The post Modern Fraud Threats in Government Relief Programs: How Agencies Can Defend Against Cybercrime appeared first on | ̽��Ƶ.

Bridging Identity Governance and Dynamic Access: The Anatomy of a Contextual and Dynamic Access Policy

Frank Briguglio — Thu, 06 Feb 2025 22:15:16 +0000

As organizations adapt to increasingly complex IT ecosystems, traditional static access policies fail to meet modern security demands. This blog instance continues to explore how identity attributes, and governance controls impact contextual and dynamic access policies—as highlighted previous articles; Governing … Continue reading →

The post Bridging Identity Governance and Dynamic Access: The Anatomy of a Contextual and Dynamic Access Policy appeared first on | ̽��Ƶ.

Governing Identity Attributes in a Contextual and Dynamic Access Control Environment

Frank Briguglio — Thu, 16 Jan 2025 21:13:22 +0000

In the rapidly evolving landscape of cybersecurity, federal agencies, the Department of Defense (DoD), and critical infrastructure sectors face unique challenges in governing identity attributes within dynamic and contextual access control environments. The Department of Defense Instruction 8520.04, Identity Authentication … Continue reading →

The post Governing Identity Attributes in a Contextual and Dynamic Access Control Environment appeared first on | ̽��Ƶ.

Vice President for StateRAMP Solutions, ̽��Ƶ: StateRAMP: Recognizing the Importance of Framework Harmonization

John Lee and Drew Scherer — Thu, 16 Jan 2025 16:22:00 +0000

StateRAMP builds on the National Institute of Standards and Technology (NIST) Special Publication 800-53 standard, which underpins FedRAMP’s approach to cloud security for Federal agencies by offering a consistent framework for security assessment, authorization and continuous monitoring. Recognizing the need … Continue reading →

The post Vice President for StateRAMP Solutions, ̽��Ƶ: StateRAMP: Recognizing the Importance of Framework Harmonization appeared first on | ̽��Ƶ.

NIST Archives - | ̽����Ƶ