Access "Data encryption, notification and the NIST Cybersecurity Framework"
This article is part of the April 2014 Vol. 16 / No. 3 issue of Is your mobile security strategy combating the wrong enemy?
The Framework for Improving Critical Infrastructure Cybersecurity, newly released by the U.S. Commerce Department's National Institute of Standards and Technology (NIST), got tremendous play a year ago at the RSA Conference in San Francisco. Even though NIST is a non-regulatory federal agency, a capacity crowd attended former head of Homeland Security Michael Chertoff's talk during the "Special Forum on Cybersecurity: New Directions from the White House" session at the annual security confab. Kathleen Richards Released on February 12, the NIST Cybersecurity Framework Version 1 debuted on schedule -- in time for this year's RSA Conference. Despite collaboration among government, industry and academia to develop the "voluntary, risk-based" framework, the initial clamor of the information security crowd has dissipated because little has changed. While the president's executive order proclaimed that the private sector should voluntarily follow the NIST cybersecurity guidelines -- which offer organizations, regulators and customers information on risk management,... Access >>>
Premium Content for Free.
Beyond the Page: Strategies for a secure mobile device program
by Andrew Hoog, contributor
This Beyond the Page focuses on how mobile application management can help CISOs move beyond consumer-oriented endpoints and their security tradeoffs.
Endpoint security software market retools
by Jon Oltsik
Organizations face a dangerous threat landscape that demands new endpoint security controls and oversight.
- Beyond the Page: Strategies for a secure mobile device program by Andrew Hoog, contributor
Mobile security: The battle beyond malware
by Andrew Hoog
Combating the wrong enemy? Evolving threats and new attack surfaces demand your mobile security strategy keep pace.
How Cisco's 'Application Centric Infrastructure' differs from SDN
by Sally Johnson, Contributor
As Cisco rolls out a hardware-based alternative to software-defined networking approaches, what does it all mean for security?
- Mobile security: The battle beyond malware by Andrew Hoog
Data encryption, notification and the NIST Cybersecurity Framework
by Kathleen Richards, features editor
Awkward? The NIST Cybersecurity Framework arrives as the U.S. government struggles to counter negative reports on its data privacy and encryption standards.
Marcus Ranum and Anton Chuvakin explore big data and security
by Marcus Ranum
When will big data technologies move past the hype and help security teams?
Women in cybersecurity: The time is now
by Eric B. Parizo, Executive Editor
With the field in urgent need of practitioners, the chief of a new cybersecurity program at a small women's college believes he can make a difference.
- Data encryption, notification and the NIST Cybersecurity Framework by Kathleen Richards, features editor
More Premium Content Accessible For Free
Devising a security strategy for the modern network
The network of today's enterprise is larger and more diverse than ever, which means there's more for hackers to attack. So as enterprises update ...
The big data challenge: What's in store for NoSQL security
In the rush to capitalize on big data, many companies forget that developing an ecosystem of structured and unstructured data means higher risk of ...
A comprehensive guide to securing the Internet of Things
As the number of Internet-connected devices grows, the potential security challenges of the so-called "Internet of Things," or IoT, can no longer be ...