Tags: NIST

What Is the NIST Cybersecurity Framework?

Learn what the NIST Cybersecurity Framework is, who it impacts, and how to implement it in Data Protection 101, our series on the fundamentals of information security. Set forth by the National Institute of Standards and Technology under the United States Commerce Department, the Cybersecurity...
Read 0 Comments

Introduction: A New Quantum Revolution

When two good things get together, they can create something even better. That’s the case with quantum information—the marriage of quantum physics and computing theory. The National Institute of Standards and Technology (NIST) has contributed to much of its history and is helping to shape its...
Read 0 Comments

8 Takeaways from NIST’s Application Container Security Guide

Companies are leveraging containers on a massive scale to rapidly package and deliver software applications. But because it is difficult for organizations to see the components and dependencies in all their container images, the security risks associated with containerized software delivery has...
Read 0 Comments

New Network Security Standards Will Protect Internet’s Routing

Electronic messages traveling across the internet are under constant threat from data thieves, but new security standards created with the technical guidance of the National Institute of Standards and Technology (NIST) will reduce the risk of messages being intercepted or stolen. These standards...
Read 0 Comments

Changes in Password Best Practices

NIST recently published its four-volume SP800-63-3 Digital Identity Guidelines. Among other things, it makes three important suggestions when it comes to passwords: Stop it with the annoying password complexity rules. They make passwords harder to remember. They increase errors because artificially...
Read 0 Comments

Dealing with NIST's About-Face on Password Complexity

In the last few years, we've been seeing some significant changes in the suggestions that security experts are making for password security. While previous guidance increasingly pushed complexity in terms of password length, the mix of characters used, controls over password reuse, and forced...
Read 0 Comments

NIST to Security Admins: You've Made Passwords too Hard

Despite the fact that cybercriminals stole more than 3 billion user credentials in 2016, users don't seem to be getting savvier about their password usage. The good news is that how we think about password security is changing as other authentication methods become more popular. Password security...
Read 0 Comments

National Software Reference Library: An Important Digital Tool for Forensic Investigators

The story starts with Stephen M. Cabrinety, the Stanford University Libraries, and NIST's National Software Reference Library (NSRL). Cabrinety collected more than 50,000 pieces of commercial software and nearly 300 functioning microcomputer systems—some dating back to the mid-1980s. Stanford...
Read 0 Comments

NIST Denounces SMS 2FA - What are the Alternatives?

Towards the end of July 2016, the National Institute of Standards and Technology (NIST) started the process of deprecating the use of SMS-based out-of-band authentication. This became clear in the issue of the DRAFT NIST Special Publication 800-63B, Digital Authentication Guideline.  NIST Special...
Read 0 Comments

NIST Declares the Age of SMS-Based 2-Factor Authentication Over

2-factor authentication is a great thing to have, and more and more services are making it a standard feature. But one of the go-to methods for sending 2FA notifications, SMS, is being left in the dust by the National Institute of Standards and Technology. NIST creates national-level guidelines and...
Read 0 Comments
Click Here!