By Kathryn Daily, CISSP, CAP, RDRP Artificial intelligence (AI) is the theory and development of computer systems able to perform tasks that normally require human intelligence, such as visual perception, speech recognition, decision-making, and translation between languages. One example of AI is the use of virtual filters on our face…
By Lon J. Berman, CISSP, RDRP Information Security Continuous Monitoring (ISCM) is arguably the most important step in the Risk Management Framework (RMF), since it is here that we ensure a system’s level of risk is maintained at an acceptable level over the long term. The recent initiative to establish…
By Kathryn Daily, CISSP, CAP, RDRP Back in February, NIST issued a public Request for Information (RFI) to identify how the Cyber Security Framework was being used and also for recommendations on improving the effectiveness of the Framework and its alignment with other cyber security resources. “Every Organization needs to…
By Lon J. Berman, CISSP, RDRP Welcome to 2022! It’s now been well over a year since the release of NIST SP 800-53 Rev 5, yet Rev 4 remains the DoD standard. When DoD first adopted RMF … back in 2014! …they expressed their commitment to “keeping up” with the…
By Kathryn Daily, CISSP, CAP, RDRP Ransomware is one of the top buzzwords you here today in reference to cybersecurity with good reason. Ransomware attacks nearly doubled in the first half of 2021. Thanks to NIST, organizations now have a framework of security objectives that support preventing, responding to, and…
By Kathryn Daily, CISSP, CAP, RDRP Back in September of last year (2020), NIST finally published the final version of Special Publication 800-53 Revision 5. Most notably, this revision incorporated privacy considerations in the security controls themselves rather than having separate control families for the privacy controls (e.g., AR, AP,…
By Kathryn Daily, CISSP, CAP, RDRP Back in September 2018, NIST announced their plans to develop a data privacy framework based off of their cybersecurity framework that has been extremely successful in both government and the private sector. NIST has worked with industry through webinars and workshops and incorporated both public…
By Kathryn Daily, CISSP, CAP, RDRP NIST has announced the development of a Privacy Framework. The framework is needed to ensure the ability to design, operate, or use technologies in ways that are observant of various privacy needs in a progressively connected and complicated environment. It is expected to help…
