NIST Releases New Guidance for Assessing Risk

On September 1, the National Institute of Standards and Technology (NIST) released a new report that outlines the need for determining risk priorities and outlines options for properly treating risk. NISTIR8286B; Prioritizing Cybersecurity Risk for Enterprise Risk Management describes how risk priority and response information should be added to a cybersecurity risk register (CSRR). The…
Read More
NIST

Implementing the NIST Privacy Framework – Govern Function

The National Institute of Standards and Technology (NIST) Privacy Framework is a widely known control set used to assist organizations in identifying privacy risks within their business environment and allocating resources to mitigate these risks. Our team previously published an article outlining the best ways to leverage the NIST Privacy (NIST-P) Framework to assess data privacy posture,…
Read More
NIST

Implementing the NIST Privacy Framework – Identify Function

The National Institute of Standards and Technology (NIST) Privacy Framework, published in January 2020, is quickly becoming the mainstream control set for organizations to align with when assessing their data privacy posture, developing readiness roadmaps, and maturing their privacy program. We have previously written about how the controls in the NIST Privacy can be mapped to…
Read More
Cybersecurity

How Cybersecurity Frameworks Can Protect Your Organization (Even in the Event of a Breach)

It’s certainly no secret how damaging data breaches can be for organizations today. And if lost revenue and a tarnished reputation aren’t enough to make you want to act, your organization could face punitive damages if you fail to protect your customers’ private information. Yes, that’s right—steep fines imposed by regulatory agencies can await those…
Read More

2020 News in Review

Week Ending December 28  ICO Warns SolarWinds Victims to Report Breaches  The United Kingdom’s Information Commissioner’s Office (ICO) has issued a warning to organizations compromised by the SolarWinds breach. The breach, which was carried out by Russian hackers, affected more than 18000 organizations worldwide. ICO requires UK data controllers subject to NIS regulations to report…
Read More
NIST Privacy Framework

NIST Releases a Blueprint for Achieving Compliance With Data Privacy Laws

The California Consumer Privacy Act (CCPA) has been in effect for just over a month, and with updates already in the works, it is already facing pushback. Many companies are finding it difficult to craft a universally-compliant data privacy policy, especially because there are very few examples of data privacy policies that are flexible enough…
Read More
Back To Top