What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2024-05-02 12:00:00 | Protéger les mises à jour du modèle dans l'apprentissage fédéré préservant la confidentialité: deuxième partie Protecting Model Updates in Privacy-Preserving Federated Learning: Part Two (lien direct) |
Le problème Le post précédent de notre série a discuté des techniques pour fournir une confidentialité des entrées dans les systèmes PPFL où les données sont partitionnées horizontalement.Ce blog se concentrera sur les techniques pour assurer la confidentialité des entrées lorsque les données sont partitionnées verticalement.Comme décrit dans notre troisième post, le partitionnement vertical est l'endroit où les données de formation sont divisées entre les parties de sorte que chaque partie contient différentes colonnes des données.Contrairement aux données partitionnées horizontalement, la formation d'un modèle sur les données partitionnées verticalement est plus difficile car il n'est généralement pas possible de former des modèles séparés sur différents
The problem The previous post in our series discussed techniques for providing input privacy in PPFL systems where data is horizontally partitioned. This blog will focus on techniques for providing input privacy when data is vertically partitioned . As described in our third post , vertical partitioning is where the training data is divided across parties such that each party holds different columns of the data. In contrast to horizontally partitioned data, training a model on vertically partitioned data is more challenging as it is generally not possible to train separate models on different |
★★ | ||
|
2024-05-01 12:00:00 | Faire un tour!NIST Cybersecurity Framework 2.0: Guide de démarrage rapide des petites entreprises Take A Tour! NIST Cybersecurity Framework 2.0: Small Business Quick Start Guide (lien direct) |
La Small Business Administration des États-Unis célèbre la National Small Business Week du 28 avril au 4 mai 2024. Cette semaine reconnaît et célèbre les contributions importantes de la nation des petites entreprises à la nation.Les organisations à travers le pays participent en organisant des événements en personne et virtuels, en reconnaissant les chefs de petite entreprise et les fabricants de changements, et en soulignant des ressources qui aident la communauté des petites entreprises plus facilement et plus efficacement à l'échelle de leurs entreprises.Pour ajouter aux festivités, ce blog NIST Cybersecurity Insights présente le NIST Cybersecurity Framework 2.0
The U.S. Small Business Administration is celebrating National Small Business Week from April 28 - May 4, 2024. This week recognizes and celebrates the small business community\'s significant contributions to the nation. Organizations across the country participate by hosting in-person and virtual events, recognizing small business leaders and change-makers, and highlighting resources that help the small business community more easily and efficiently start and scale their businesses. To add to the festivities, this NIST Cybersecurity Insights blog showcases the NIST Cybersecurity Framework 2.0 |
★★ | ||
|
2024-04-22 12:00:00 | Donner un coup de pouce aux directives d'identité numérique NIST: complément pour incorporer des authentificateurs syncables Giving NIST Digital Identity Guidelines a Boost: Supplement for Incorporating Syncable Authenticators (lien direct) |
Nous avons tous besoin de suppléments parfois.Qu'il s'agisse d'un peu de vitamine C supplémentaire pendant la saison de la grippe ou de la vitamine D pendant les jours sombres de l'hiver.Lorsqu'ils sont utilisés correctement, les suppléments aident notre corps à s'adapter aux conditions changeantes qui nous entourent.De même, nous appliquons ce même concept pour la première fois à notre NIST SP 800-63B, directives d'identité numérique: authentification et gestion du cycle de vie.Aujourd'hui, nous avons publié un supplément qui fournit des conseils provisoires aux agences cherchant à utiliser les authentificateurs \\ 'syncables \' (par exemple, PassKeys) dans les cas d'utilisation des entreprises et des cas d'utilisation du public
We all need supplements sometimes. Whether it\'s a little extra vitamin C during flu season or some vitamin D during the dark days of Winter. When used correctly, supplements help our body adjust to the changing conditions around us. Similarly, we are applying this same concept for the first time to our NIST SP 800-63B, Digital Identity Guidelines: Authentication and Lifecycle Management. Today, we published a supplement that provides interim guidance for agencies seeking to make use of \'syncable authenticators\' ( for example, passkeys) in both enterprise-facing and public-facing use cases |
★★ | ||
|
2024-03-21 12:00:00 | Protéger les mises à jour du modèle dans l'apprentissage fédéré préservant la confidentialité Protecting Model Updates in Privacy-Preserving Federated Learning (lien direct) |
Dans notre deuxième article, nous avons décrit les attaques contre les modèles et les concepts de confidentialité d'entrée et de confidentialité de sortie.Dans notre dernier article, nous avons décrit le partitionnement horizontal et vertical des données dans les systèmes d'apprentissage fédéré (PPFL) préservant la confidentialité.Dans cet article, nous explorons le problème de la fourniture de confidentialité des entrées dans les systèmes PPFL pour le paramètre à partage horizontalement.Modèles, formation et agrégation pour explorer les techniques de confidentialité des entrées dans le PPFL, nous devons d'abord être plus précis sur le processus de formation.Dans un apprentissage fédéré à potion horizontalement, une approche commune consiste à demander à chaque participant de
In our second post we described attacks on models and the concepts of input privacy and output privacy . ln our last post , we described horizontal and vertical partitioning of data in privacy-preserving federated learning (PPFL) systems. In this post, we explore the problem of providing input privacy in PPFL systems for the horizontally-partitioned setting. Models, training, and aggregation To explore techniques for input privacy in PPFL, we first have to be more precise about the training process. In horizontally-partitioned federated learning, a common approach is to ask each participant to |
★★ | ||
|
2024-02-28 12:00:00 | Mises à jour sur le groupe de travail de standardisation de la cybersécurité internationale de NIST de NIST Updates on NIST\\'s Interagency International Cybersecurity Standardization Working Group (lien direct) |
En novembre dernier, j'ai eu le plaisir de présider la dernière réunion du groupe de travail international de standardisation de la cybersécurité interinstitutions (IICSWG) & # 8211;Un groupe NIST créé en 2016. Notre charge, de la Cybersecurity Enhancement Act of 2014, était de construire un mécanisme de coordination pour les agences gouvernementales afin de discuter des problèmes de normalisation internationale de la cybersécurité, conformément aux agences \\ 'responsabilités en vertu de la circulaire de l'OMB A-119.Depuis lors, IICSWG a grandi en tant que forum pour discuter des sujets de standardisation de la cybersécurité et de la confidentialité, examinant le paysage global de normalisation de la cybersécurité (
Last November, I was pleased to chair the most recent meeting of the Interagency International Cybersecurity Standardization Working Group (IICSWG) – a group NIST created in 2016. Our charge, from the Cybersecurity Enhancement Act of 2014, was to build a coordination mechanism for government agencies to discuss international cybersecurity standardization issues, consistent with agencies\' responsibilities under OMB Circular A-119. Since then, IICSWG has grown as a forum to discuss cybersecurity and privacy standardization topics, examine the overall cybersecurity standardization landscape ( |
★★ | ||
|
2024-02-27 12:00:00 | Distribution des données dans l'apprentissage fédéré préservant la confidentialité Data Distribution in Privacy-Preserving Federated Learning (lien direct) |
Cet article fait partie d'une série sur l'apprentissage fédéré préservant la vie privée.La série est une collaboration entre le NIST et l'unité d'adoption des technologies responsables du gouvernement britannique (RTA), précédemment connu sous le nom de Center for Data Ethics and Innovation.En savoir plus et lire tous les articles publiés à ce jour sur l'espace de collaboration d'ingénierie de la vie privée de NIST ou le blog de RTA \\.Notre premier article de la série a introduit le concept d'apprentissage fédéré et décrit en quoi il est différent de l'apprentissage centralisé traditionnel - dans l'apprentissage fédéré, les données sont distribuées entre les organisations participantes, et
This post is part of a series on privacy-preserving federated learning. The series is a collaboration between NIST and the UK government\'s Responsible Technology Adoption Unit (RTA), previously known as the Centre for Data Ethics and Innovation. Learn more and read all the posts published to date at NIST\'s Privacy Engineering Collaboration Space or RTA\'s blog . Our first post in the series introduced the concept of federated learning and described how it\'s different from traditional centralized learning - in federated learning, the data is distributed among participating organizations, and |
★★ | ||
|
2024-02-26 12:00:00 | Mise à jour du voyage!Le NIST CSF 2.0 est là… avec de nombreuses ressources utiles… Travel Update! The NIST CSF 2.0 is HERE…Along with Many Helpful Resources… (lien direct) |
NIST CSF 2.0 Liens rapides |Explorez notre suite complète de ressources: CSF 2.0 Guides de démarrage rapide CSF 2.0 Profils CSF 2.0 Références informatives outil de référence de cybersécurité et de confidentialité (CPRT) CSF 2.0 Reference Tool CSF 2.0 Site Web (Home Page) NIST News Annonce de NIST Cybersecurity Framework (CSF) Processus de développement du processus de développement de processus de développement du processus de développement de processus de développement NIST (CSF) Processus de développement du processus de développement du processus de développement de la cybersécurité (CSF) (CSF)Tous ont commencé avec le décret exécutif (EO) 13636 il y a plus de dix ans, qui a appelé à la construction d'un ensemble d'approches (un cadre) pour réduire les risques aux infrastructures critiques.Grâce à cet EO, NIST a été chargé de développer un «cadre de cybersécurité».Nous savions que faire
NIST CSF 2.0 QUICK LINKS | Explore our Full Suite of Resources: CSF 2.0 Quick Start Guides CSF 2.0 Profiles CSF 2.0 Informative References Cybersecurity & Privacy Reference Tool (CPRT) CSF 2.0 Reference Tool CSF 2.0 Website ( Homepage ) Official NIST News Announcement The NIST Cybersecurity Framework (CSF) development process all started with Executive Order (EO)13636 over a decade ago, which called for building a set of approaches ( a framework ) for reducing risks to critical infrastructure. Through this EO, NIST was tasked with developing a "Cybersecurity Framework." We knew that, to do |
Tool | ★★ | |
|
2024-02-14 12:00:00 | NIST célèbre la Semaine nationale de l'entrepreneuriat NIST Celebrates National Entrepreneurship Week (lien direct) |
Qu'est-ce que la semaine nationale de l'entrepreneuriat (Natleshipweek)?Célébré du 10 au 17 février 2024, «Natleshipweek est une semaine à charte au Congrès dédiée à l'autonomisation de l'entrepreneuriat à travers les États-Unis.L'initiative annuelle a été relancée en 2017 en tant que Natleshipweek pour réunir un réseau de partenaires de Maui à Miami pour éduquer, engager et créer un accès équitable à l'écosystème entrepreneuriat de l'Amérique. »Suivez en ligne avec #Natleshipweek.Vous pouvez en savoir plus sur l'initiative ici: https://www.natleshipweek.org/about .Le soutien à l'entrepreneuriat est au cœur de NIST \\
What is National Entrepreneurship (NatlEshipWeek) Week? Celebrated February 10-17, 2024, “NatlEshipWeek is a congressionally chartered week dedicated to empowering entrepreneurship across the United States. The annual initiative was relaunched in 2017 as NatlEshipWeek to bring together a network of partners from Maui to Miami to educate, engage, and build equitable access to America\'s Entrepreneurship Ecosystem.” Follow along online with #NatlEshipWeek. You can learn more about the initiative here: https://www.natleshipweek.org/about . Supporting Entrepreneurship is at the Heart of NIST\'s |
★★★ | ||
|
2024-02-08 12:00:00 | La mise à jour de l'engagement international de la cybersécurité et de la confidentialité de NIST \\ & # 8211;Dialogues, ateliers et traductions internationales NIST\\'s International Cybersecurity and Privacy Engagement Update – International Dialogues, Workshops, and Translations (lien direct) |
La nouvelle année en cours, NIST continue de s'engager avec nos partenaires internationaux pour améliorer la cybersécurité.Voici quelques mises à jour sur nos travaux internationaux de la fin de 2023 au début de 2024: les conversations se sont poursuivies avec nos partenaires à travers le monde sur la mise à jour du NIST Cybersecurity Framework (CSF) 2.0.Le projet actuel du CSF 2.0 a été partagé dans une période de commentaires public qui s'est terminée en novembre 2023. Restez à l'écoute pour la version finale qui sera bientôt publiée!L'engagement international du NIST se poursuit grâce à notre soutien au Département d'État et au
With the new year under way, NIST is continuing to engage with our international partners to enhance cybersecurity. Here are some updates on our international work from the end of 2023 into the beginning of 2024: Conversations have continued with our partners throughout the world on the update to the NIST Cybersecurity Framework (CSF) 2.0 . The current Draft CSF 2.0 has been shared in a public comment period that ended in November 2023. Stay tuned for the final version to be published soon! NIST international engagement continues through our support to the Department of State and the |
★★ | ||
|
2024-01-25 12:00:00 | Nouvelle année, nouvelles initiatives pour le cadre de confidentialité du NIST! New Year, New Initiatives for the NIST Privacy Framework! (lien direct) |
Cela fait quatre ans depuis la publication du cadre de confidentialité NIST: un outil pour améliorer la confidentialité par le biais de la gestion des risques d'entreprise, version 1.0.Depuis lors, de nombreuses organisations l'ont trouvé très précieuse pour la construction ou l'amélioration de leurs programmes de confidentialité.Nous avons également été en mesure d'ajouter une variété de ressources pour soutenir son implémentation.Nous sommes fiers de la quantité accomplie en quelques années seulement, mais nous ne reposons pas sur nos lauriers.En tant qu'un autre, plus célèbre, Dylan a dit un jour: "Les fois où ils sont changin \\ '."Par exemple, la dernière année a vu la libération du risque NIST AI
It\'s been four years since the release of The NIST Privacy Framework: A Tool for Improving Privacy Through Enterprise Risk Management, Version 1.0. Since then, many organizations have found it highly valuable for building or improving their privacy programs. We\'ve also been able to add a variety of resources to support its implementation. We\'re proud of how much has been accomplished in just a few short years, but we\'re not resting on our laurels. As another, more famous, Dylan once said, “the times they are a-changin\'.” For example, the past year has seen the release of the NIST AI Risk |
Tool | ★★ | |
|
2024-01-24 12:00:00 | Attaques de confidentialité dans l'apprentissage fédéré Privacy Attacks in Federated Learning (lien direct) |
Cet article fait partie d'une série sur l'apprentissage fédéré préservant la vie privée.La série est une collaboration entre le NIST et le Centre pour l'éthique des données et l'innovation du gouvernement britannique.En savoir plus et lire tous les articles publiés à ce jour dans l'espace de collaboration d'ingénierie de la vie privée de NIST ou le blog CDEI.Notre premier article de la série a introduit le concept d'approche d'apprentissage fédéré-an pour la formation des modèles d'IA sur les données distribuées en partageant des mises à jour du modèle au lieu de la formation des données.À première vue, l'apprentissage fédéré semble être un ajustement parfait pour la vie privée car il évite complètement de partager des données
This post is part of a series on privacy-preserving federated learning. The series is a collaboration between NIST and the UK government\'s Centre for Data Ethics and Innovation. Learn more and read all the posts published to date at NIST\'s Privacy Engineering Collaboration Space or the CDEI blog . Our first post in the series introduced the concept of federated learning-an approach for training AI models on distributed data by sharing model updates instead of training data. At first glance, federated learning seems to be a perfect fit for privacy since it completely avoids sharing data |
★★★ | ||
|
2024-01-11 12:00:00 | Voyage dans la frontière immersive: recherche préliminaire du NIST sur les normes de cybersécurité et de confidentialité pour les technologies immersives Journey into the Immersive Frontier: Preliminary NIST Research on Cybersecurity and Privacy Standards for Immersive Technologies (lien direct) |
Des mots comme «métaverse» et «réalité augmentée» peuvent évoquer des pensées d'amis dans les casques brandissant des sabres virtuels ou des gens errant dans les rues la nuit à la recherche de pok & eacute; s'arrête.Les technologies de réalité virtuelles, augmentées et mixtes («technologies immersives») sont entrées dans la conscience populaire grâce en partie au succès des jeux, mais leurs applications vont bien au-delà de nouvelles expériences de divertissement.Ils sont déjà utilisés pour accroître l'accès à l'éducation, améliorer la fabrication, renforcer l'accessibilité et former les effectifs dans les soins de santé et la vente au détail.Les technologies immersives ont le
Words like “metaverse” and “augmented reality” may conjure up thoughts of friends in headsets wielding virtual sabers or folks roaming the streets at night in search of PokéStops. Virtual, augmented, and mixed reality technologies (“immersive technologies”) have entered the popular conscience thanks in part to the success of games, but their applications go well beyond new experiences in entertainment. They are already being utilized to increase access to education , improve manufacturing , bolster accessibility , and train workforces in healthcare and retail . Immersive technologies have the |
★★★ | ||
|
2023-12-12 12:00:00 | Une note sur les directives d'identité numérique de progrès… NIST. A Note on progress…NIST\\'s Digital Identity Guidelines. (lien direct) |
En août 2023, l'équipe des directives d'identité numérique a organisé un atelier de deux jours pour fournir une mise à jour publique sur l'état de la révision 4. Dans le cadre de cette session, nous nous sommes engagés à fournir des informations supplémentaires sur l'état de chaque volume à l'avenir.Dans la réalisation de cet engagement, nous voulions offrir une mise à jour rapide sur où nous en sommes.Notre objectif reste d'avoir la prochaine version de chaque volume au printemps 2024. Avec notre gratitude pour l'engagement robuste et substantiel que nous avons reçu pendant la période de commentaire, nous aimerions annoncer que les quatre volumes de spéciaux
In August 2023 the Digital Identity Guidelines team hosted a two-day workshop to provide a public update on the status of revision 4. As part of that session, we committed to providing further information on the status of each volume going forward. In fulfillment of this commitment, we wanted to offer a quick update on where we stand. Our goal remains to have the next version of each volume out by the Spring of 2024. With our gratitude for the robust and substantive engagement we received during the comment period, at this time we would like to announce that all four volumes of Special |
★★★ | ||
|
2023-12-07 12:00:00 | La série de blogs britanniques sur l'apprentissage fédéré préservant la vie privée: introduction The UK-US Blog Series on Privacy-Preserving Federated Learning: Introduction (lien direct) |
Ce message est le premier d'une série sur l'apprentissage fédéré préservant la vie privée.La série est une collaboration entre CDEI et NIST.Les progrès de l'apprentissage automatique et de l'IA, alimentés par la disponibilité des données à grande échelle et l'informatique haute performance, ont eu un impact significatif à travers le monde au cours des deux dernières décennies.Les techniques d'apprentissage automatique façonnent les informations que nous voyons en ligne, influencent les décisions commerciales critiques et aident la découverte scientifique, qui stimule les progrès des soins de santé, de la modélisation du climat, etc.Modèles de formation: apprentissage conventionnel vs fédéré le moyen standard de s'entraîner
This post is the first in a series on privacy-preserving federated learning. The series is a collaboration between CDEI and NIST. Advances in machine learning and AI, fueled by large-scale data availability and high-performance computing, have had a significant impact across the world in the past two decades. Machine learning techniques shape what information we see online, influence critical business decisions, and aid scientific discovery, which is driving advances in healthcare, climate modelling, and more. Training Models: Conventional vs Federated Learning The standard way to train |
★★ | ||
|
2023-12-04 12:00:00 | NCCOE 5G Cybersecurity: Connexion des points entre elle et les capacités de cybersécurité des télécoce dans les systèmes 5G NCCoE 5G Cybersecurity: Connecting the Dots Between IT and Teleco Cybersecurity Capabilities in 5G Systems (lien direct) |
5G finira par avoir un impact sur chaque industrie à partir des soins de santé financières à même agriculture et transport ... et son impact ne fait qu'augmenter avec le temps.Malgré ses avantages, il comporte des risques de confidentialité et de sécurité.Un nombre croissant de dispositifs interconnectés augmente la surface d'attaque.En outre, il existe également des vulnérabilités accrues de la chaîne d'approvisionnement et des problèmes de visibilité du réseau (les entreprises peuvent avoir des problèmes d'identification des attaques car il peut y avoir beaucoup de nouveaux trafics Web à partir d'appareils mobiles et / ou plus de sophistication en ce qui concerne les attaques).Le but de la NCCOE 5G
5G will eventually impact every single industry-from healthcare to financial to even agriculture and transportation...and its impact is only increasing over time. Despite its benefits, it comes with privacy and security risks. An increasing number of interconnected devices increases the attack surface. In addition, there are also increased supply chain vulnerabilities and network visibility issues (companies may have issues identifying attacks since there may be a lot of new web traffic from mobile devices and/or more sophistication when it comes to attacks). The goal of the NCCoE 5G |
Vulnerability Mobile | ★★ | |
|
2023-11-20 12:00:00 | La mise à jour de l'engagement international de la cybersécurité et de la confidentialité de NIST \\ & # 8211;Missions commerciales, ateliers et traductions NIST\\'s International Cybersecurity and Privacy Engagement Update – Trade Missions, Workshops, and Translations (lien direct) |
Notre mois de sensibilisation à la cybersécurité a peut-être terminé fin octobre - mais l'importance d'améliorer la cybersécurité et de s'engager avec nos partenaires internationaux pour améliorer la cybersécurité est à l'avant-garde de notre esprit toute l'année.Here are some updates on our international work: Conversations have continued with our partners throughout the world on the update to the NIST Cybersecurity Framework (CSF) 2.0 , and NIST hosted its final workshop on September 19 and 20 with in-person and hybrid attendance featuringParticipation internationale (via les conférenciers et les panélistes).Alors que
Our Cybersecurity Awareness Month may have come to a close at the end of October - but the importance of enhancing cybersecurity and engaging with our international partners to enhance cybersecurity is at the forefront of our minds all year long. Here are some updates on our international work: Conversations have continued with our partners throughout the world on the update to the NIST Cybersecurity Framework (CSF) 2.0 , and NIST hosted its final workshop on September 19 and 20 with in-person and hybrid attendance featuring international participation (via both speakers and panelists). While |
★★ | ||
|
2023-10-24 12:00:00 | Mois de sensibilisation à la cybersécurité 2023 Série de blogs |Reconnaître et signaler le phishing Cybersecurity Awareness Month 2023 Blog Series | Recognizing and Reporting Phishing (lien direct) |
Au cours de la série de blogs de cette semaine, nous avons assis avec deux de nos experts NIST du groupe Visualisation and d'utilisation de NIST - Shan & Eacute; E Dawkins et Jody Jacobs - qui ont discuté de l'importance de reconnaître et de signaler le phishing.Ce blog conclut notre série de blogs Mois de sensibilisation à la cybersécurité 2023… mais nous prévoyons bien sûr de continuer à partager, collaborer, apprendre et passer le mot toute l'année.1. Cette semaine, le thème du mois de la sensibilisation à la cybersécurité de \\ est \\ 'reconnaître et signaler le phishing. \' Comment votre travail de travail / spécialité de NIST est-il lié à ce comportement?Nous travaillons dans le laboratoire des technologies de l'information, mais notre
During this week\'s blog series, we sat down with two of our NIST experts from the Visualization and Usability Group at NIST - Shanée Dawkins and Jody Jacobs - who discussed the importance of recognizing and reporting phishing . This blog wraps up our Cybersecurity Awareness Month 2023 blog series…but we of course plan to continue to share, collaborate, learn, and spread the word all year long. 1. This week\'s Cybersecurity Awareness Month theme is \'recognize and report phishing.\' How does your work/specialty area at NIST tie into this behavior? We work in the Information Technology Lab, but our |
★★ | ||
|
2023-10-18 12:00:00 | Mois de sensibilisation à la cybersécurité 2023 Série de blogs |Logiciel de mise à jour Cybersecurity Awareness Month 2023 Blog Series | Updating Software (lien direct) |
Il est la troisième semaine dans notre série de blogs Mois de sensibilisation à la cybersécurité!Cette semaine, nous avons interviewé Michael Ogata (informaticien) de NIST \\) et Paul Watrobski (spécialiste de la sécurité informatique) sur l'importance de mettre à jour le logiciel.Cette semaine, le thème du Mois de la sensibilisation à la cybersécurité est \\ 'Updating Software. \' Comment votre travail de travail / spécialité de NIST est-il lié à ce comportement?La mission principale de la division de cybersécurité appliquée de NIST \\ est d'explorer, de mesurer et d'évaluer à la fois les directives de cybersécurité que NIST fournit ainsi que les meilleures pratiques de l'industrie.Un de nos projets actuels consiste à mettre les pratiques décrites
It\'s week three in our Cybersecurity Awareness Month blog series! This week, we interviewed NIST\'s Michael Ogata (Computer Scientist) and Paul Watrobski (IT Security Specialist) about the importance of updating software. This week\'s Cybersecurity Awareness Month theme is \'updating software.\' How does your work/specialty area at NIST tie into this behavior? NIST\'s Applied Cybersecurity Division\'s core mission is to explore, measure, and evaluate both the cybersecurity guidance NIST provides as well as industry best practices. One of our current projects involves putting the practices described |
★★ | ||
|
2023-10-10 12:00:00 | Mois de sensibilisation à la cybersécurité 2023 Série de blogs |Utilisation de mots de passe forts et un gestionnaire de mots de passe Cybersecurity Awareness Month 2023 Blog Series | Using Strong Passwords and a Password Manager (lien direct) |
Aujourd'hui, le blog de \\ est le deuxième de notre série du mois de sensibilisation à la cybersécurité en 2023 et examine différents facteurs associés à l'utilisation de mots de passe solides et d'un gestionnaire de mots de passe.Nous avons interviewé Nist \\ de Yee-Yin Choong et Meghan Anderson pour obtenir leurs pensées et leurs idées uniques.Cette semaine, le thème du mois de la sensibilisation à la cybersécurité de \\ est \\ 'en utilisant des mots de passe forts et un gestionnaire de mots de passe. \' Comment votre travail de travail / spécialité chez NIST est-il lié à ce comportement?Yee-yin: Au nist, je me suis effectué des recherches sur les facteurs humains et les aspects d'utilisabilité des interactions humaines-technologies.Un domaine de recherche est humain
Today\'s blog is the second one in our 2023 Cybersecurity Awareness Month series and examines different factors associated with using strong passwords and a password manager. We interviewed NIST\'s Yee-Yin Choong and Meghan Anderson to get their unique thoughts and insights. This week\'s Cybersecurity Awareness Month theme is \' using strong passwords and a password manager .\' How does your work/specialty area at NIST tie into this behavior? Yee-Yin : At NIST, I\'ve been conducting research on human factors and the usability aspects of human-technology interactions. One research area is human |
★★ | ||
|
2023-10-02 12:00:00 | Débutant la célébration du mois de la sensibilisation à la cybersécurité de la cybersécurité & # 039;Notre série de blogs Mois de sensibilisation à la cybersécurité 2023 Kicking off NIST's Cybersecurity Awareness Month Celebration & Our Cybersecurity Awareness Month 2023 Blog Series (lien direct) |
Octobre est toujours une période passionnante pour nous alors que nous célébrons le mois de la sensibilisation à la cybersécurité et certaines des plus grandes réalisations, des ressources, des conseils et des dernières nouvelles de NIST dans l'espace de cybersécurité.Cette année est grande car 2023 marque le 20 e anniversaire de cette initiative importante - et nous célébrerons de diverses manières chaque jour tout au long du mois.Que fait NIST en octobre?Nous utiliserons notre site Web du NIST de la sensibilisation à la cybersécurité pour partager des informations sur nos événements, nos ressources, nos blogs et comment rester impliqués.Nous utiliserons notre compte Nistcyber X comme véhicule pour
October is always an exciting time for us as we celebrate Cybersecurity Awareness Month and some of NIST\'s greatest accomplishments, resources, guidance, and latest news in the cybersecurity space. This year is a big one because 2023 marks the 20 th anniversary of this important initiative -and we will celebrate in various ways every day throughout the month. What is NIST Up to in October? We\'ll be using our NIST Cybersecurity Awareness Month website to share information about our events, resources, blogs, and how to stay involved. We will be using our NISTcyber X account as a vehicle to |
★★ | ||
|
2023-09-28 12:00:00 | NIST dévoile un programme de cybersécurité centré sur l'homme nouvellement nommé NIST Unveils Newly Named Human-Centered Cybersecurity Program (lien direct) |
Le programme de cybersécurité centré sur l'homme (anciennement utilisable de cybersécurité) fait partie du groupe de visualisation et d'utilisation de NIST.Il a été créé en 2008, mais nous savons depuis un certain temps que nous devions renommer notre programme pour mieux représenter la portée plus large du travail que nous fournissons au praticien de la cybersécurité et aux communautés professionnelles informatiques.Nous avons pris la décision de mettre à jour le nom de la cybersécurité centrée sur l'homme pour mieux refléter notre nouvel énoncé de mission (mais pratiqué de longue date), «défendant l'humain en cybersécurité».Avec notre nouveau nom, nous espérons souligner encore cette convivialité
The Human-Centered Cybersecurity program (formerly Usable Cybersecurity) is part of the Visualization and Usability Group at NIST. It was created in 2008, but we\'ve known for quite some time that we needed to rename our program to better represent the broader scope of work we provide for the cybersecurity practitioner and IT professional communities. We made the decision to update the name to Human-Centered Cybersecurity to better reflect our new (but long-time practiced) mission statement, “ championing the human in cybersecurity.” With our new name, we hope to highlight that usability still |
★★★ | ||
|
2023-09-11 12:00:00 | Les expériences d'apprentissage pratiques encouragent la découverte de carrière de cybersécurité Hands-On Learning Experiences Encourage Cybersecurity Career Discovery (lien direct) |
Avec une mention dans la nouvelle stratégie nationale de cyber-travail et d'éducation et même une loi dévouée par l'État, K & # 8211; 12 La cybersécurité L'éducation a clairement l'œil des décideurs politiques.Cependant, malgré l'attention du public et les nouvelles opportunités pour les élèves du secondaire de suivre les cours de cybersécurité, les écoles secondaires ont souvent du mal à fournir aux élèves une compréhension claire de ce à quoi ressemblent réellement les carrières de cybersécurité.Des expériences d'apprentissage pratiques, comme celles que nous avions dans nos écoles et pendant notre stage avec NIC
With a mention in the new National Cyber Workforce and Education Strategy and even a dedicated state law , K–12 cybersecurity education clearly has the eye of policymakers. However, despite public attention and new opportunities for high school students to pursue cybersecurity coursework, high schools often struggle to provide students with a clear understanding of what cybersecurity careers actually look like. Hands-on learning experiences, like those we\'ve had at our schools and during our internship with NICE at NIST, can help bring cybersecurity education and career pathways into focus for |
★★ | ||
|
2023-09-05 12:00:00 | Mises à jour prévues de NIST \\ pour mettre en œuvre la règle de sécurité HIPAA: un guide de ressources de cybersécurité NIST\\'s Planned Updates to Implementing the HIPAA Security Rule: A Cybersecurity Resource Guide (lien direct) |
Contexte: NIST Publication spéciale (SP) 800-66 Les organisations de soins de santé sont confrontées à de nombreux défis des menaces de cybersécurité.Cela peut avoir de graves impacts sur la sécurité des données des patients, la qualité des soins aux patients et même la situation financière de l'organisation.Les organisations de soins de santé doivent également se conformer aux exigences réglementaires, telles que la règle de sécurité de la loi sur l'assurance maladie et de la responsabilité de 1996 (HIPAA), qui se concentre sur la sauvegarde des informations sur la santé électronique (EPHI) ou maintenue par les entités et les associés couverts par HIPAA (collectivement (collectivement (collectivement,
Background: NIST Special Publication (SP) 800-66 Healthcare organizations face many challenges from cybersecurity threats. This can have serious impacts on the security of patient data, the quality of patient care, and even the organization\'s financial status. Healthcare organizations also must comply with regulatory requirements, such as the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Security Rule, which focuses on safeguarding the electronic protected health information (ePHI) held or maintained by HIPAA covered entities and business associates (collectively, |
★★ | ||
|
2023-07-18 12:00:00 | International Engagement – Brussels and Beyond (lien direct) | L'engagement international fait partie intégrante de nombreux efforts en cours du NIST, notamment la mise à jour du voyage vers le cadre de cybersécurité (CSF 2.0), notre mise à jour des directives d'identité numérique et une sensibilisation croissante du cadre de confidentialité du NIST et du travail de cybersécurité IoT.Dans la mise à jour de NIST CSF 2.0, NIST continue de travailler avec la communauté internationale.Lors de l'atelier virtuel de février 2023 de NIST sur la mise à jour du CSF 2.0, les participants des gouvernements italien et néo-zélandais et de l'industrie mexicaine ont parlé de panneaux.De plus, les participants se sont joints à plusieurs pays.Nous continuons à
International engagement is an integral part of many ongoing NIST efforts, including the Journey to the Cybersecurity Framework (CSF 2.0) update , our update to the digital identity guidelines, and increasing awareness of the NIST Privacy Framework and IoT cybersecurity work. In the update to NIST CSF 2.0, NIST continues to work with the international community. At NIST\'s February 2023 virtual workshop on the CSF 2.0 update, participants from Italian and New Zealand governments and Mexican industry spoke on panels. In addition, participants joined from several countries. We are continuing to |
★★★ | ||
|
2023-07-18 12:00:00 | Engagement international & # 8211;Bruxelles et au-delà International Engagement – Brussels and Beyond (lien direct) |
L'engagement international fait partie intégrante de nombreux efforts en cours du NIST, notamment la mise à jour du voyage vers le cadre de cybersécurité (CSF 2.0), notre mise à jour des directives d'identité numérique et une sensibilisation croissante du cadre de confidentialité du NIST et du travail de cybersécurité IoT.Dans la mise à jour de NIST CSF 2.0, NIST continue de travailler avec la communauté internationale.Lors de l'atelier virtuel de février 2023 de NIST sur la mise à jour du CSF 2.0, les participants des gouvernements italien et néo-zélandais et de l'industrie mexicaine ont parlé de panneaux.De plus, les participants se sont joints à plusieurs pays.Nous continuons à
International engagement is an integral part of many ongoing NIST efforts, including the Journey to the Cybersecurity Framework (CSF 2.0) update, our update to the digital identity guidelines, and increasing awareness of the NIST Privacy Framework and IoT cybersecurity work. In the update to NIST CSF 2.0, NIST continues to work with the international community. At NIST\'s February 2023 virtual workshop on the CSF 2.0 update, participants from Italian and New Zealand governments and Mexican industry spoke on panels. In addition, participants joined from several countries. We are continuing to |
★★ | ||
|
2023-06-22 12:00:00 | Conseils SSDF et IoT Cybersecurity: Blocs Blocs for IoT Product Security SSDF and IoT Cybersecurity Guidance: Building Blocks for IoT Product Security (lien direct) |
Les directives de la cybersécurité de l'IOT de NIST reconnaissent depuis longtemps l'importance des pratiques de développement de logiciels sécurisées (SSDF), mises en évidence par la série NIST IR 8259-telle que la recommandation de documentation en action 3.D du NIST IR 8259B, que les fabricants ont considéréet documenté leurs «pratiques de développement de logiciels et de chaîne d'approvisionnement sécurisées utilisées».Le NIST SSDF (NIST SP 800-218) décrit des pratiques de développement de logiciels qui peuvent aider les fabricants à développer des produits IoT en fournissant des conseils pour le développement sécurisé des logiciels et du micrologiciel.Ces pratiques de développement peuvent également fournir
NIST\'s IoT cybersecurity guidance has long recognized the importance of secure software development (SSDF) practices, highlighted by the NIST IR 8259 series-such as the recommendation for documentation in Action 3.d of NIST IR 8259B, that manufacturers have considered and documented their “secure software development and supply chain practices used.” The NIST SSDF (NIST SP 800-218) describes software development practices that can aid manufacturers in developing IoT products by providing guidance for the secure development of software and firmware. These development practices can also provide |
★★ | ||
|
2023-05-22 12:00:00 | Cartographie de notre destination: innovation responsable via la feuille de route de l'identité NIST Mapping out our Destination: Responsible Innovation via the NIST Identity Roadmap (lien direct) |
RSA Conference week is always a whirlwind. NIST was there front and center last month, and we learned a lot, shared a lot, and made a big announcement during the festivities… We were excited to announce that NIST\'s DRAFT Identity and Access Management Roadmap was released for public comment on Friday, April 14th and that the comment period will be extended to June 16th. What is the Roadmap? The Roadmap provides a consolidated view of NIST\'s planned identity efforts over the coming years and serves as a vehicle to communicate our priorities. It provides guiding principles, strategic objectives
RSA Conference week is always a whirlwind. NIST was there front and center last month, and we learned a lot, shared a lot, and made a big announcement during the festivities… We were excited to announce that NIST\'s DRAFT Identity and Access Management Roadmap was released for public comment on Friday, April 14th and that the comment period will be extended to June 16th. What is the Roadmap? The Roadmap provides a consolidated view of NIST\'s planned identity efforts over the coming years and serves as a vehicle to communicate our priorities. It provides guiding principles, strategic objectives |
Conference | ★★ | |
|
2023-04-20 12:00:00 | La petite entreprise est une grande priorité: le NIST étend la sensibilisation à la communauté des petites entreprises Small Business is a Big Priority: NIST Expands Outreach to the Small Business Community (lien direct) |
Saviez-vous que 99,9% des entreprises en Amérique sont des petites entreprises? [1] Les petites entreprises sont une source majeure d'innovation pour notre pays mais elles sont souvent confrontées à des ressources et à des budgets limités.Beaucoup d'entre eux ont besoin de solutions de cybersécurité, de conseils et de formation afin qu'ils puissent aborder et gérer de manière rentable leurs risques de cybersécurité.Hmmm… où pouvez-vous trouver des conseils comme celui-ci en un seul endroit?Le tour est joué!Le coin de cybersécurité des petites entreprises!Ce site Web a été créé par NIST en 2019 en réponse à la NIST Small Business Cybersecurity Act, qui nous a orienté de «diffuser clairement et concise
Did you know that 99.9% of businesses in America are small businesses?[1] Small businesses are a major source of innovation for our country-but they\'re often faced with limited resources and budgets. Many of them need cybersecurity solutions, guidance, and training so they can cost-effectively address and manage their cybersecurity risks. Hmmm…where can you find guidance like this all in one place? Voila! The Small Business Cybersecurity Corner! This website was created by NIST in 2019 in response to the NIST Small Business Cybersecurity Act, which directed us to “disseminate clear and concise |
★★★ | ||
|
2023-04-03 12:00:00 | L'importance de la transparence & # 8211;Alimenter la confiance et la sécurité par la communication The Importance of Transparency – Fueling Trust and Security Through Communication (lien direct) |
Qui a besoin de savoir \\ 'quoi, \' \\ 'quand, \' et \\ 'comment \' pour leur dire le défi, il y a de nombreux défis à fournir et à maintenir la cybersécurité dans le monde connecté d'aujourd'hui.Bien que les développeurs de produits considèrent de plus en plus la sécurité lorsqu'ils conçoivent et créent des produits, ils ne peuvent pas toujours communiquer des informations critiques de cybersécurité sur leurs produits connectés.Les lacunes de l'information présentent un défi aux parties prenantes - en particulier les clients - qui ont un aperçu limité des processus, des fonctions et des fonctionnalités de sécurité qui protègent les produits, composants et services connectés.Une communication efficace est la
Who needs to know \'What,\' \'When,\' and \'How\' to tell them The Challenge There are many challenges to providing and maintaining cybersecurity in today\'s connected world. While product developers increasingly consider security as they design and build products, they may not always communicate critical cybersecurity information about their connected products. Information gaps present a challenge to stakeholders-especially customers-who have limited insight into the security processes, functions and features that protect connected products, components, and services. Effective communication is the |
★★ | ||
|
2023-02-01 12:00:00 | Phishing Resistance – Protecting the Keys to Your Kingdom (lien direct) | If you own a computer, watch the news, or spend virtually any time online these days you have probably heard the term “phishing.” Never in a positive context…and possibly because you have been a victim yourself. Phishing refers to a variety of attacks that are intended to convince you to forfeit sensitive data to an imposter. These attacks can take a number of different forms; from spear-phishing (which targets a specific individual within an organization), to whaling (which goes one step further and targets senior executives or leaders). Furthermore, phishing attacks take place over multiple | Guideline | ★★★ | |
|
2023-01-27 12:00:00 | Data Analytics for Small Businesses: How to Manage Privacy Risks (lien direct) | Perhaps you've been hearing about data analytics, which is being promoted as a way for even small businesses to analyze communications with customers, enhance customer experience, save money, and ultimately improve your brand. However, data analytics can have big privacy implications. You may think of managing privacy risk as protecting sensitive customer information, such as credit cards. As the Venn diagram to the right demonstrates, data security is certainly one aspect of privacy risk, but privacy risks can also arise by means unrelated to cybersecurity incidents. People can experience | ★★★ | ||
|
2022-12-14 12:00:00 | International Engagement Blog: Singapore International Cyber Week, the Regional Initiative for Cybersecurity Education and Training, and More (lien direct) | NIST has continued to collaborate into the fall season with partners throughout the world on the Cybersecurity Framework 2.0 update. International engagement and alignment with international standards are important themes for the 2.0 update and will drive changes to ensure global relevance. As part of this ongoing international engagement, NIST welcomed visitors to the NCCoE and NIST headquarters to discuss various cybersecurity topics and explore areas for mutual collaboration. In the past few weeks, NIST met with visitors from Italy, Singapore, New Zealand, Germany, and Brazil at the NCCoE | ★ | ||
|
2022-10-25 12:00:00 | Why Employers Should Embrace Competency-Based Learning in Cybersecurity (lien direct) | There is a growing movement toward increasing the use of competency and skills-based education and hiring practices in both the public and private sectors. For example, the Executive Order on Modernizing and Reforming the Assessment and Hiring of Federal Job Candidates calls upon the Federal Government to “ensure that the individuals most capable of performing the roles and responsibilities required of a specific position are those hired for that position”-resulting in “merit-based reforms that will replace degree-based hiring with skills- and competency-based hiring.” Similarly, the | |||
|
2022-10-24 12:00:00 | Cybersecurity Awareness Month 2022: Recognizing & Reporting Phishing (lien direct) | This blog will officially wrap up our 2022 Cybersecurity Awareness Month blog series - today we have a special interview from Marian Merritt, deputy director, lead for industry engagement for the National Initiative for Cybersecurity Education (NICE)! Marian will be discussing the importance of recognizing and reporting phishing incidents in detail. A phishing attack is an attempt to fool an individual into sharing private information or taking an action that gives criminals access to your accounts, your computer, login credentials or even your network. This week's Cybersecurity Awareness | Guideline | ||
|
2022-10-20 12:00:00 | Student Insights on Cybersecurity Careers (lien direct) | Hi, our names are Aubrie, Kyle, and Lindsey! We participated in internships at the National Initiative for Cybersecurity Education (NICE) Program Office this past year. This is a career pivot for Aubrie, meaning this is her introduction to cybersecurity from another career; she is earning her master's with a concentration in cybersecurity. Kyle was an undergraduate intern majoring in Computer Engineering. He is almost finished with his education and will soon be transitioning into the workforce. Lindsey is a high school member of the program. The three of us come from different academic and | |||
|
2022-10-17 12:00:00 | Cybersecurity Awareness Month 2022: Updating Software (lien direct) | Cybersecurity Awareness Month is flying by, and today's blog identifies different security vulnerabilities that can be exposed if you are unable to keep up with your software updates. We interviewed NIST's Michael Ogata, a computer scientist in the Applied Cybersecurity Division, and he walked us through different strategies to minimize your cybersecurity risks. Michael also was able to provide cyber tips to improve online safety. This week's Cybersecurity Awareness Month theme is updating software. How does your work/specialty area at NIST tie into this behavior? Today, mobile applications | |||
|
2022-10-13 12:00:00 | Cybersecurity Awareness Month 2022: Using Strong Passwords and a Password Manager (lien direct) | The key behavior that we are highlighting this week for Cybersecurity Awareness Month is using strong passwords and a password manager. In today's blog we interviewed NIST's Connie LaSalle, a senior technology policy advisor, and she offers four specific ways to mitigate your cybersecurity risks online while discussing the importance adopting strong passwords. Take a look at her responses to our questions below… This week's Cybersecurity Awareness Month theme is using strong passwords and a password manager. How does your work/specialty area at NIST tie into this behavior? As a senior | |||
|
2022-10-03 12:00:00 | Cybersecurity Awareness Month 2022: Enabling Multi-factor Authentication Key behavior: Multi-factor Authentication (lien direct) | In celebration of Cybersecurity Awareness Month, NIST will be publishing a dedicated blog series throughout October; we will be sharing blogs each week that will match up to four key behaviors identified by the National Cybersecurity Alliance (NCA). Today's interview-style blog features two NIST experts -Bill Newhouse and Ryan Galluzzo-discussing different reasons to enable multi-factor authentication (a mechanism to verify an individual's identity by requiring them to provide more information than just a username and password). Here are the questions they both were asked, along with their | |||
|
2022-09-30 12:00:00 | NIST International Engagement Updates: CSF 2.0 Update Workshop and More (lien direct) | The subject of international alignment and alignment with international resources continues to be an important focus for NIST, particularly with the process for the Cybersecurity Framework (CSF) 2.0 update. This was an important area for many of our stakeholders, as described in the summary of analysis of the Request for Information (RFI) from February. NIST hosted its first virtual workshop on the journey to the CSF 2.0 update process in August. During the workshop, NIST described the importance of international alignment as well as the feedback we heard on continuing our international | ★★★★★ | ||
|
2022-09-29 12:00:00 | The Final Countdown to Cybersecurity Awareness Month 2022: “It's easy to stay safe online!” (lien direct) | Today's blog will jumpstart NIST's celebration of Cybersecurity Awareness Month 2022! We have a lot in store for October and are looking forward to sharing our work, progress, events, and news with you. This year's theme is "It's easy to stay safe online" and will cover four key behaviors: Enabling multi-factor authentication Using strong passwords and a password manager Updating software Recognizing and reporting phishing As a repeat Cybersecurity Awareness Month Champion, NIST is dedicated to promoting a safer online environment and helping others learn and understand the complex world of | |||
|
2022-07-27 12:00:00 | NIST\'s Expanding International Engagement on Cybersecurity (lien direct) | In providing a foundation for cybersecurity advancements over the years, NIST has taken the global context into account when determining priorities and approaches. Our participation in Standards Developing Organizations (SDOs) has expanded steadily, and we encourage international participation in the development of our own programs and resources. As we celebrate the 50th anniversary of cybersecurity at NIST, it is more important than ever that we work with our partners around the world. NIST's growing impact on the international stage is reflected in the many translations of our signature | |||
|
2022-07-15 12:00:00 | Standards: The CPSO\'s Best Friend (lien direct) | Workshop Shines Light on Role of Standards in Cybersecurity for IoT What do Chief Product Security Officers (CPSOs) want to make their job easier? As it turns out, standards. This insight was one of many shared at a public virtual workshop NIST held June 22, 2022, to discuss the next steps for the Cybersecurity for the Internet of Things (IoT) program. As we move forward in developing cybersecurity guidance for IoT products, NIST remains committed to an open and transparent process that builds on input from stakeholders, including industry and the broader public. Our June 22 workshop explored | |||
|
2022-07-06 12:00:00 | Next Up: Integrating Information and Communication Technology Risk Programs with Enterprise Risk Management (lien direct) | Given the increasing reliance of organizations on technologies over the past 50 years, a number of risk disciplines have evolved into full-fledged risk programs. In recent years, cybersecurity, supply chain, and privacy risk management programs have formalized best practices. Yet the rapid evolution of these disciplines sometimes has led to miscommunication and inefficiencies between those risk programs and overarching enterprise risk management (ERM) portfolio. The years ahead will focus on optimizing coordination and communication between all risk programs and ERM. To be supportive of | |||
|
2022-06-23 12:00:00 | Identity and Access Management at NIST: A Rich History and Dynamic Future (lien direct) | Digital identity for access control is a fundamental and critical cybersecurity capability that ensures the right people and things have the right access to the right resources at the right time. NIST has a rich history in digital identity standardization spanning more than 50 years. We have conducted research, developed prototypes and reference implementations, and supported pilots to better understand new and emerging technologies that inform our digital identity standards, guidelines, and resources. Also, NIST participates and leads in the development of national and international standards | Guideline | ||
|
2022-06-09 12:00:00 | NIST International Outreach Strengthened through Additional Translations and Engagement (lien direct) | With the update to the Cybersecurity Framework in full swing, NIST continues to prioritize international engagement through conversations and collaborations on cybersecurity. This work is critical to NIST's efforts to ensure international alignment on cybersecurity and privacy resources. Here's a quick summary of some recent engagements, with more to come in the next few weeks! Under Secretary of Commerce for Standards and Technology and NIST Director Laurie Locascio participated virtually in the G7 Digital Ministers meeting on May 10th alongside the State Department. She spoke about current | |||
|
2022-06-03 12:00:00 | Setting off on the Journey to the NIST Cybersecurity Framework (CSF) 2.0 (lien direct) | Over the past few months, NIST has been seeking feedback on the use and improvements to its cybersecurity resources through the Request for Information (RFI) on “Evaluating and Improving NIST Cybersecurity Resources: The Cybersecurity Framework and Cybersecurity Supply Chain Risk Management.” In this RFI, NIST asked about evaluating and improving the NIST Cybersecurity Framework (CSF or Framework), use of the Framework in conjunction with other resources, and improving supply chain cybersecurity risk management. The RFI garnered 134 comments (at date of publication) from a diverse range of | |||
|
2022-05-26 12:00:00 | The Cornerstone of Cybersecurity – Cryptographic Standards and a 50-Year Evolution (lien direct) | In today's connected digital world, cryptographic algorithms are implemented in every device and applied to every link to protect information in transmission and in storage. Over the past 50 years, the use of cryptographic tools has expanded dramatically, from limited environments like ATM encryption to every digital application used today. Throughout this long journey, NIST has played a unique leading role in developing critical cryptographic standards. Data Encryption Standard (DES) In the early 1970s, there was little public understanding of cryptography, although most people knew that | Tool Guideline | ||
|
2022-05-16 12:00:00 | Cybersecurity for IoT: The Road We\'ve Traveled, The Road Ahead (lien direct) | The NIST Cybersecurity for IoT program published Considerations for Managing Internet of Things (IoT) Cybersecurity and Privacy Risks (NISTIR 8228) in June 2019, nearly 3 years ago. Since then, IoT technology has continued to develop and be adopted across sectors and markets. NIST's own work, both in and outside IoT, has also progressed since the publication of NISTIR 8228. These developments warrant a new look at the contents of NISTIR 8228 and at future IoT cybersecurity priorities at NIST. As the Cybersecurity for IoT program has progressed through guidance for IoT device manufacturers | |||
|
2022-04-25 12:00:00 | The Application of Cybersecurity for IoT Capabilities to Real-World Scenarios (lien direct) | NIST has a history of collaboration between its programs, which helps maximize project impacts and practicality to industry. One great example is between NIST's National Cybersecurity Center of Excellence (NCCoE) and the Cybersecurity for the Internet of Things (IoT) Program. Recent project reports from the NCCoE include mappings of relevant IoT device cybersecurity capabilities and nontechnical supporting capabilities; these three mappings align NIST's IoT cybersecurity guidance with real-world implementation approaches: Securing Telehealth Remote Patient Monitoring Ecosystem Securing | |||
|
2022-04-06 12:00:00 | A Peek at Privacy: Where We Started, Where We are Now, and What\'s Next (lien direct) | As part of NIST's 50th anniversary of cybersecurity, this month's blog post is centered on privacy at NIST. Since many of you have become familiar with the Privacy Engineering Program's popular Venn diagram showing the relationship between cybersecurity and privacy risks, let's use it to show how NIST has expanded and matured its understanding of privacy over the last 50 years. If we go back in time to the 1960s, data privacy really came into focus when the growing use of computers created concerns about secret databases of people's information. The report, Records, Computers, and the Rights |
To see everything:
Our RSS (filtrered)
