Regulations, Frameworks, and Controls - March 18, 2022

NIST Releases Guidance for Assessing Compliance with Core Cybersecurity Publication

The document is targeted at auditors—internal and external to an organization—who are set to play a central role in cybersecurity policy under a May executive order and initiatives like the Pentagon’s Cybersecurity Maturity Model Certification program. By Mariam Baksh I March 15, 2022 Read More

NIST provides recommended criteria for cybersecurity labeling for consumer software and IoT products

If one of the goals of President Biden’s May 2021 “Executive Order on Improving the Nation’s Cybersecurity” is fulfilled, you’ll be able to look for a quality and security assurance label on any software product you consider buying. To which anyone who cares about such things—and everybody should—might say “it’s about time.” By Taylor Armerding I March 14, 2022 Read More