NIST

What is Cybersecurity Risk?

According to NIST SP 800-60 volume 1 revision 1, Cybersecurity risks relate to the loss of confidentiality, integrity, or availability of information, data, or information (or control) systems and reflect the potential adverse impacts on organizational operations (i.e., mission, functions, image, or reputation) and assets, individuals, other organizations, and the Nation. Cybersecurity risk is the probability of exposure, …

What is Cybersecurity Risk? Read More »

NIST Incident Response Life Cycle

The NIST 800-61 revision 2 standard provides guidelines for incident handling, especially for analyzing incident-related data, and determining the appropriate response to each incident. The guidelines can be followed independently of particular hardware platforms, operating systems, protocols, or applications. Organizations that need to implement the NIST Incident Response Life Cycle, must first establish a computer …

NIST Incident Response Life Cycle Read More »

What is Vulnerability Management?

According to NIST, vulnerability management is a security practice that is designed to proactively prevent the exploitation of IT vulnerabilities that exist within an organization. The expected result is to reduce the time and money spent dealing with vulnerabilities and the exploitation of those vulnerabilities. Vulnerability management is generally defined as the process of identifying, …

What is Vulnerability Management? Read More »

Personally Identifiable Information (PII)

What is PII? The Nation Institute of Standard and Technology (NIST), defines personally identifiable information (PII) as Any information about an individual maintained by an agency, including any information that can be used to distinguish or trace an individual’s identity, such as name, social security number, date and place of birth, mother‘s maiden name, or …

Personally Identifiable Information (PII) Read More »