NIST wants to the federal government to pay more attention to the supply chain
A federal IT standards body has moved to add key supply-chain provisions to its risk management guidance at a time of growing U.S. government concern that Russian and Chinese companies pose a threat to national security.
NIST releases updated cybersecurity framework
The new version updates the federal agency's guidelines in several areas, including authentication and identity; cyber risk self-assessments; managing supply chain cybersecurity; and vulnerability disclosure.
Report: hospitals are flooded with vulnerable IoT devices
The researchers found exposed medical images, protocols, databases, industrial controllers and healthcare systems software.
NIST engineering guide update provides advice for securing legacy IT systems
Volume two of NIST SP-800-160 focuses on cyber resilience engineering.
DHS leaders push cybersecurity risk assessment program for critical infrastructure companies
The program comes as DHS has moved to rid networks of products that could be used for nation-state led surveillance.
More than two years after historic breach, OPM continues to struggle with cybersecurity
The agency's Inspector General said things haven't really gotten better since OPM's infamous breach.