NIST

Most recent FTC ruling makes clear – All US Companies are required to implement and monitor an information security program

While HIPAA and PCI compliance are now part of our collective business vernacular, the majority of US companies still remain unaware of national information risk management standards. In specific industries, companies have accepted that they must fulfill the requirements of specific acts. From Critical Infrastructure to Healthcare, these fields now require cybersecurity as a function within their entities' risk management portfolios. Beyond that, third-party vendors are required to sign Business Associate Agreements (BAA) that extend the scrutiny to an ever-expanding [...]

Supply Chain Management is Not Secure By Any Standard…but there’s hope!

I’ll give you a taste of the NIST Cybersecurity Framework Audit. This is question 4 of 99 asked in the CSF Audit: “ID.BE-4: Dependencies and critical functions for delivery of critical services are established” – In other words, what services do you need to operate your business, and oh by the way, which businesses out there rely on you to conduct their own business? So the third-party vendor vulnerability has become HUGE. This is the reason almost half of our [...]

Malware… for humans?

Imagine going to your general practitioner's office for an annual physical. Your doctor checks your blood pressure, your heart rate, your temperature. Your doctor likely quizzes you about your diet, exercise, smoking habits, whether your artificial body parts are up-to-date with the latest patches. Wait. What? As if we didn't have enough devices to stay on top of. The benefits of treating chronic conditions with medical devices, such as a pacemaker or an artificial pancreas, are recognized; however, keeping those [...]

Cyber insurance regulations: Senate probes federal data breach protections bill

Cyber insurance is becoming a significant market force that will drive improved cyber security for both companies and, by extension, the consumers and the nation as a whole. It is more than just an instrument to transfer risk; it provides incentives to understand and mitigate risks. To wit, attached is a summary of the most recent Senate hearing: U.S. Sen. Jerry Moran (R-Kan.), chair of the Subcommittee on Consumer Protection, Product Safety, Insurance, and Data Security, held a hearing March [...]

2017-06-22T20:19:42-04:00