Tag: nist
112 articles

Credentials Face Quantum Threat Decades Ahead
The NSA has set a critical deadline: by January 1, 2027, new national security systems must support quantum-resistant algorithms to stay ahead of emerging threats. With deadlines stretching into the 2030s, organizations must plan now to protect their systems from the looming quantum threat.

NIST's Vulnerability Database Plagued by Duplication, Inefficiency
The National Vulnerability Database is facing a massive backlog crisis, with unprocessed security flaws doubling from 13,000 in June 2024 to over 27,000 by the end of 2025, and officials admit they lack a long-term plan to tackle the problem. Despite promising to clear the backlog by September 2024, the database continues to struggle with inefficiencies and a lapsed contract.

Drupal Warns of Highly Critical Vulnerability Requiring Immediate Patch
Drupal is warning of a highly critical vulnerability that requires immediate attention, urging site operators to clear their calendars for a crucial patch rollout on Wednesday, May 20, between 1700 and 2100 UTC. Exploits could be developed within hours or days, making swift action essential to protect your site.

AI Reshapes Cybersecurity With Renewed Focus on Fundamentals
Artificial intelligence is revolutionizing cybersecurity by refocusing efforts on timeless fundamentals, empowering agencies to make informed decisions with the help of established frameworks like the NIST Cybersecurity Framework. By layering new AI-related risks over existing ones, Cheri Pascoe, Director of the National Cybersecurity Center of Excellence at NIST, highlights the need for a strategic approach to tackle these emerging threats.

NIST Scales Back Vulnerability Ratings Amid Surge in Submissions
The National Institute of Standards and Technology is overhauling its vulnerability rating system, scaling back severity scores for lower-priority flaws as submissions surge. This change means some software flaws will no longer get a severity score, shifting focus to the most critical vulnerabilities.

NIST Curtails CVE Enrichment Amid Vulnerability Surge
The National Institute of Standards and Technology (NIST) is overhauling its approach to enriching entries in the National Vulnerability Database (NVD) due to a staggering 263% surge in vulnerability submissions. To keep pace, NIST will now prioritize enrichment for only the most critical entries that meet specific conditions.

NIST Shifts Focus to Enriching Exploited Vulnerabilities
The National Vulnerability Database is shifting gears: going forward, it'll prioritize enriching newly reported and actively exploited vulnerabilities, temporarily deprioritizing older entries. This change comes as the database faces an unprecedented surge in reported software flaws, with a record number of Common Vulnerabilities and Exposures (CVEs) submitted.

NIST Refocuses CVE Analysis Amid Vulnerability Surge
The National Institute of Standards and Technology (NIST) has adjusted its approach to vulnerability analysis, now prioritizing critical software, government systems, and actively exploited vulnerabilities amid a surge in reported threats. This strategic refocus aims to optimize its National Vulnerability Database's impact in a threat landscape that's outpacing its capacity.

Enterprises urged to accelerate post-quantum transition planning
Don't wait until it's too late - experts warn that enterprises must start planning and executing their transition to post-quantum cryptography now to stay ahead of the curve. By taking a proactive approach, organizations can demystify this complex technical shift and turn it into a manageable operational task.

Microsoft Cloud Security Falls Short in Government Review
A scathing government review has revealed that Microsoft's cloud security documentation is woefully inadequate, leaving evaluators with a disturbing lack of confidence in the system's overall security posture. This shocking finding raises serious concerns about the reliability of one of Microsoft's largest cloud offerings.

AI Takes Center Stage at Federal Cybersecurity Summit
At the Federal Cybersecurity Summit, AI is taking center stage as a crucial tool for federal leaders to tackle the daunting challenge of evolving cyber threats and limited resources. The summit aims to spark a practical conversation on harnessing AI-driven defenses to move beyond mere compliance and toward effective, real-world solutions.

Pentagon's Zero Trust Drive Hits 2027 Compliance Hurdles
The Pentagon's ambitious 2027 deadline to adopt a Zero Trust Framework and overhaul its cyber defenses is raising concerns among experts - can compliance be achieved without sacrificing actual security gains? The journey to zero trust is complex, and experts warn it's not just a destination, but a continuous process that requires meaningful security outcomes.

Risk Management Takes Critical Turn with NIST SP 800-39 Insights
In today's high-risk digital landscape, effective risk management is no longer a choice - it's a necessity for protecting your organization's information systems and sensitive data. By adopting a comprehensive risk management approach, you can ensure the confidentiality, integrity, and availability of your data and stay ahead of evolving cyber threats.

Quantum Computing Poses Alarming Threat to Encryption, Google Warns
Google warns that quantum computing poses a catastrophic threat to our digital security, potentially tearing apart the encryption that safeguards our sensitive information. The clock is ticking - tech giants are racing to develop post-quantum cryptography before it's too late.

NIST Unveils Critical Identity Verification Standard for Federal Workers
The National Institute of Standards and Technology (NIST) has just unveiled a groundbreaking identity verification standard to safeguard the identities of federal workers and contractors, addressing the growing threat of identity theft and cybersecurity breaches. This critical new standard is a major step forward in protecting sensitive information and preventing unauthorized access.

NIST Guidance Offers Critical Framework for Rapid Cyber Incident Response
In today's high-stakes cybersecurity landscape, it's not a question of if you'll be breached, but when - making swift and effective incident response a critical priority. NIST guidance provides a vital framework for responding to cyber incidents quickly and minimizing damage.

Microsoft Patch Tuesday Brings Critical Fixes for 77 Vulnerabilities
Microsoft's latest Patch Tuesday update is a wake-up call, addressing a whopping 77 vulnerabilities in Windows and other software - a stark reminder that cybersecurity threats are always lurking. Stay safe by staying up-to-date with the latest security patches.

U.S. Army Exclusive: Coast Guard Cybersecurity Best Tips
When a cutter loses its chart feeds in a storm, it’s resilience—not perimeter walls—that steers it home. Get Coast Guard cybersecurity best tips on identity-centric Zero Trust, continuous monitoring, and practical IAM and automation steps you can deploy today.

Federal Application Security Exclusive Best 3 Cs for DevOps
Federal application security is no longer a one-off checklist—its about weaving compliance, customization, and continuous assurance into DevOps pipelines so agencies can govern sprawling software supply chains. The Three Cs turn security into an automated, measurable program that outpaces today’s adversaries and meets modern policy demands.

Public Wi-Fi Sparks Stunning, Affordable Small-City Growth
Once a simple convenience for visitors and students, public Wi‑Fi has become a must‑have growth tool—turning parks, main streets and amphitheaters into digital destinations that boost commerce, expand civic access and attract remote workers. But towns that roll it out will face real decisions around governance, security and long‑term costs.

Cybersecurity Best 2026 Predictions: Must-Have Insight
As quantum computers threaten to unlock todays encrypted data, moving to post-quantum cryptography is no longer optional but urgent. Here are five practical 2026 predictions— from large-scale rollouts and cryptographic agility to biometric trade-offs— that every technologist, policymaker and user should heed.

Cybersecurity Predictions 2026: 5 Exclusive Best Practices
Will your secrets survive 2026? Learn five practical, evidence-backed best practices—starting with post‑quantum cryptography readiness—to harden encryption, biometrics, AI defenses and governance before attackers move at machine speed.

Secure Cloud Workloads: Exclusive Best Practices at Scale
Dont let one wrong permission undo your cloud gains—learn the identity-first, Zero Trust practices top teams use to secure cloud workloads at scale. This practical guide delivers clear, scalable steps to balance speed, cost and risk.

Collaboration and AI: Stunning Best Defense for Agencies
Collaboration and AI are becoming the winning lifeline for federal agencies facing smarter, faster cyberattacks. By pairing shared threat intelligence with machine-speed detection and response, agencies can turn fragmented defenses into proactive, resilient security.