Premium Content

Access "Data encryption, notification and the NIST Cybersecurity Framework"

Kathleen Richards, features editor Published: 28 Mar 2014

The Framework for Improving Critical Infrastructure Cybersecurity, newly released by the U.S. Commerce Department's National Institute of Standards and Technology (NIST), got tremendous play a year ago at the RSA Conference in San Francisco. Even though NIST is a non-regulatory federal agency, a capacity crowd attended former head of Homeland Security Michael Chertoff's talk during the "Special Forum on Cybersecurity: New Directions from the White House" session at the annual security confab. Kathleen Richards Released on February 12, the NIST Cybersecurity Framework Version 1 debuted on schedule -- in time for this year's RSA Conference. Despite collaboration among government, industry and academia to develop the "voluntary, risk-based" framework, the initial clamor of the information security crowd has dissipated because little has changed. While the president's executive order proclaimed that the private sector should voluntarily follow the NIST cybersecurity guidelines -- which offer organizations, regulators and customers information on risk management,... Access >>>

Access TechTarget
Premium Content for Free.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

What's Inside


More Premium Content Accessible For Free

  • Strategies for a successful data protection program

    Deploying data protection technologies properly requires a lot of time and patience. While most firms can get started by using preconfigured policies...

  • Devices, data and how enterprise mobile management reconciles the two

    The bring your own device (BYOD) movement, which has flooded the enterprise with employee-owned smartphones, tablets, phablets and purse-sized ...

  • Putting security on auto-pilot: What works, what doesn’t

    For so long penetration testing meant hiring an expert to use skill and savvy to try to infiltrate the company system. But, as with most ...