Please turn on your JavaScript for this page to function normally.
NIST
NIST releases finalized post-quantum encryption standards

NIST has finalized its principal set of encryption algorithms designed to withstand cyberattacks from a quantum computer. The announced algorithms are specified in the first …

secure programming languages
Coding practices: The role of secure programming languages

Safety and quality are not features that can be added through testing — they must be integral to the design. Opting for a safer or more secure language or language subset …

NIST NVD
NIST says NVD will be back on track by September 2024

The National Institute of Standards and Technology (NIST) has awarded a contract for an unnamed company/organization to help them process incoming Common Vulnerabilities and …

NIST
NIST unveils ARIA to evaluate and verify AI capabilities, impacts

The National Institute of Standards and Technology (NIST) is launching a new testing, evaluation, validation and verification (TEVV) program intended to help improve …

NIST CSF 2.0
The evolution of security metrics for NIST CSF 2.0

CISOs have long been spreadsheet aficionados, soaking up metrics and using them as KPIs for security progress. These metrics have traditionally measured specific systems or …

NIST
NIST awards $3.6 million to address the cybersecurity workforce gap

The US Department of Commerce’s National Institute of Standards and Technology (NIST) has awarded cooperative agreements totaling nearly $3.6 million aimed at building the …

NIST NVD
NVD: NIST is working on longer-term solutions

The recent conspicuous faltering of the National Vulnerability Database (NVD) is “based on a variety of factors, including an increase in software and, therefore, …

NIST NVD
NIST’s NVD has encountered a problem

Whether the cause is insurmountable technical debt, lack of funds, a third reason or all of them, NIST’s National Vulnerability Database (NVD) is struggling, and …

supply chain
Integrating software supply chain security in DevSecOps CI/CD pipelines

NIST released its final guidelines for integrating software supply chain security in DevSecOps CI/CD pipelines (SP 800-204D). In this Help Net Security video, Henrik Plate, …

NIST CSF 2.0
NIST CSF 2.0 released, to help all organizations, not just those in critical infrastructure

The National Institute of Standards and Technology (NIST) has updated its widely utilized Cybersecurity Framework (CSF), a key document for mitigating cybersecurity risks. The …

artificial intelligence
Securing AI systems against evasion, poisoning, and abuse

Adversaries can intentionally mislead or “poison” AI systems, causing them to malfunction, and developers have yet to find an infallible defense against this. In …

J. Wolfgang Goerlich
Strategies for cultivating a supportive culture in zero-trust adoption

In this Help Net Security interview, Wolfgang Goerlich, Advisory CISO at Cisco, discusses the benefits of implementing a mature zero-trust model for both security and business …

Don't miss

Cybersecurity news