Breaking News from KDKA-TV – CBS Pittsburgh
Democrats are trying to figure out what to do about John Fetterman. One of them is stepping up Democratic Sen. John Fetterman of Pennsylvania isn’t even up for reelection until 2028, but already a one-time primary foe, Conor Lamb, is crisscrossing Pennsylvania looking and sounding like he’s preparing to challenge Fetterman again. Source
Primary Mitigations to Reduce Cyber Threats to Operational Technology
Overview The Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), Environmental Protection Agency (EPA), and Department of Energy (DOE)—hereafter referred to as “the authoring organizations”—are aware of cyber incidents affecting the operational technology (OT) and industrial control systems (ICS) of critical infrastructure entities in the United States. The authoring organizations urge critical […]
SP 800-53 Rev. 5, Security and Privacy Controls for Information Systems and Organizations
Date Published: September 2020 (includes updates as of Dec. 10, 2020) Supersedes: SP 800-53 Rev. 5 (09/23/2020) Planning Note (03/20/2025): (3/20/25) Updated the “Control Collaboration Index Template” files (Excel and Word). On November 7, 2023, NIST issued a patch release of SP 800-53 (Release 5.1.1) that includes: minor grammatical edits and clarification; the introduction of […]
CSWP 29, The NIST Cybersecurity Framework (CSF) 2.0
Publications    Documentation    Topics Date Published: February 26, 2024 Planning Note (09/24/2024): Now available: a new spreadsheet, CSF 1.1 to 2.0 Core Transition Changes Overview. See other links to CSF 2.0 resources on this page. Send inquiries about this publication to [email protected]. Author(s) National Institute of Standards and Technology The NIST Cybersecurity Framework (CSF) […]
CSRC Presentations | CSRC
Virtual Keynote for ISMG Virtual Cybersecurity Summit: Zero Trust, April 21, 2020 When Perimeter Defenses Are Not Enough: How Multidimensional Protection Strategies Can Provide True Cyber Defense-in-Depth The Advanced Persistent Threat (APT) is extremely dangerous to the national and economic security interests of the United States. We are totally dependent on computing systems of all types—including traditional Information […]
SP 800-236, Fiscal Year 2024 Cybersecurity and Privacy Annual Report
Publications    Documentation    Topics Date Published: April 2025 Editor(s) Patrick O’Reilly (NIST), Kristina Rigopoulos (NIST) Throughout Fiscal Year 2024 (FY 2024) — from October 1, 2023, through September 30, 2024 — the NIST Information Technology Laboratory (ITL) Cybersecurity and Privacy Program successfully responded to numerous challenges and opportunities in security and privacy. This Annual […]
Cybersecurity Basics
Cybersecurity is a continuous process. Because your business, technologies, regulations/laws, and cybersecurity threats continue to change, your goal should be to always strive for continuous improvement in your cybersecurity risk management. There are many ways you can improve your business’ cybersecurity. Here are a few basic steps to get you started: Understand that cyber threats […]
NIST Updates Privacy Framework, Tying It to Recent Cybersecurity Guidelines
Credit: N. Hanacek/NIST How can society benefit from the use of personal data while also protecting individual privacy? Five years after debuting guidelines that can help organizations balance these goals, the National Institute of Standards and Technology (NIST) has drafted a new version of the NIST Privacy Framework intended to address current privacy risk management needs, […]
defense-in-depth – Glossary | CSRC
  Information security strategy integrating people, technology, and operations capabilities to establish variable barriers across multiple layers and missions of the organization.Sources: CNSSI 4009-2015 NIST SP 800-172 NIST SP 800-172A NIST SP 800-30 Rev. 1 under Defense-in-Depth from CNSSI 4009 NIST SP 800-39 under Defense-in-Depth from CNSSI 4009   An information security strategy that integrates people, technology, […]
computer network defense (CND) – Glossary
  Actions taken within protected cyberspace to defeat specific threats that have breached or are threatening to breach cyberspace security measures and include actions to detect, characterize, counter, and mitigate threats, including malware or the unauthorized activities of users, and to restore the system to a secure configuration.Sources: CNSSI 4009-2015 under cyberspace defense from DoDI 8500.01 […]