Critical infrastructure has been further defined by the Cybersecurity and Infrastructure Security Agency (CISA) as centering ...

The General Services Administration's new requirements for protecting controlled unclassified information apply immediately to new contracts, at the contracting officer's discretion.

On August 8, 2023, the National Institute of Standards and Technology (NIST) released the initial draft of its Cybersecurity Framework 2.0 and draft Implementation Examples for public comment. This ...

Version 2.0 of NIST's Cybersecurity Framework, often cited by financial regulators, provides a structured approach to enhancing an institution's cybersecurity. The federal agency in charge of ...

On December 16, 2025, the National Institute of Standards and Technology (“NIST”), a non-regulatory federal agency within the ...

The Health Information Trust Alliance unveiled additions to the ninth version of its common security framework. The HITRUST CSF is a comprehensive security framework that incorporates information ...

After releasing the first version of its Cybersecurity Framework in 2014, the National Institute of Standards and Technology (NIST) has released its first update to the guidance document.

NIST seeks comments ahead of the 2024 release of CSF 2.0, which aims to appeal to a broader range of organizations while elevating the importance of corporate governance and more fully addressing ...

The US National Institute of Standards and Technology (NIST) has released the latest draft of its well-regarded Cybersecurity Framework (CSF) this week, leaving companies to mull how a few significant ...

Despite some halting progress with cybersecurity readiness, healthcare is still lacking in many key areas, according to a new progress report from the consultancy CynergisTek. In particular, the study ...

There's something to be said for persistence. Last week, the White House announced that it had tasked the National Institute of Standards and Technology (NIST) with creating a framework that would ...

The National Institute of Standards and Technology wants to know how it might improve its landmark framework of cybersecurity standards and practices and streamline similar efforts related to ...