
Tag Archives: NIST

Resistance is Futile; You Must Comply


No threat actor ever avoided attacking your system because you marked a control as compliant. Yet organizations today are spending ever-increasing resources to remain compliant with a myriad of frameworks, including the National Institute of Standards and Technology’s (NIST) Risk Management Framework (RMF), International Standards Organization (ISO) frameworks, such as ISO 27001, and ISACA’s Control Objectives for Information and ...


Cyber Security: If You Don’t Know the Mission, You Don’t Know the Risk


Like the good cyber security stewards we are, we regularly inventory our assets, assess known vulnerabilities, and stay abreast of the latest threat intelligence. So we know our risk, right? Not necessarily. When assessing risk, many cyber security professionals think of the technological impact, such as webserver downtime or the inability to deliver email. The truth is the impact is ...


NIST Releases Second Draft of Agency Cyber Security Guide


The data breach of 22.1 million records at the Office of Personnel Management (OPM) stands out among 2015’s disastrous security incidents as one of the most analyzed. Experts claim this catastrophic incident is a symptom of a larger problem in government cyber security, indicating a shortcoming of compliance standards for securing organizations. Now, about a year after the OPM incident, ...


FISMA’s Race to the Bottom


“Security control assessments and privacy control assessments are not about checklists, simple pass-fail results, or generating paperwork to pass inspections or audits—rather, such assessments are the principal vehicle used to verify that implemented security controls and privacy controls are meeting their stated goals and objectives.” This is the first paragraph of the prologue of the National Institute of Standards and ...
