Regulations, Frameworks, and Controls - February 11, 2022

Many companies struggle with all of the cybersecurity documentation, processes, and policies that can limit their business growth and REALLY stress them out. Omnistruct serves as an enterprise partner for the critical policies, processes, and documentation needed to make sure all of that data and revenue is well protected against cyber threats and that the company stays in compliance with all rules and regulations.

How data privacy frameworks are evolving, and how they can guide risk-based decisions

The NIST Privacy Framework, modeled after the NIST Cybersecurity Framework, contains core functions and controls that can help an organization identify and manage risks to the privacy of data, regardless of the size of the organization, jurisdiction or type of data maintained by the organization. By Nathan Eddy I February 07, 2022 Read More

NIST Publishes Recommended Criteria for Cybersecurity Labeling for Consumer Internet of Things (IoT) Products

The purpose of the publication, as described by NIST, is to identify “key elements of a potential labeling scheme.” The publication makes clear, however, that the scheme would not be established or managed by NIST, but rather “by another organization or program,” referred to in the publication as the “scheme owner.” The identity of the scheme owner is undetermined, but it “could be a public or private sector” entity. By Covington & Burling LLP I February 9, 2022 Read More

NIST Suggests Agencies Accept the Word of Software Producers Per Executive Order

Federal procurement officials should err on the side of accepting declarations software vendors make about their products, in part to address concerns about cost and the protection of intellectual property, according to the National Institute of Standards and Technology. By Mariam Baksh I February 6, 2022 Read More