The Australian Signals Directorate (ASD) has developed prioritised mitigation strategies to help technical cyber security professionals in all organisations mitigate cyber security incidents caused by various threats.
On January 10, NIST has released a draft update of its Cybersecurity Framework.
The new draft is focused on managing cyber supply chain risks and introducing measurement methods for cyber security to help organizations reduce their risks.
The main objective of this report is to provide relevant good practices in terms of taxonomies for incident detection and prevention for the CSIRT community. Additionally, it aims to provide conclusions and recommendations based on the qualitative assessment of taxonomies within the current taxonomy landscape on improvements that can be made on current taxonomies, such as what fields can be extended or added to existing taxonomies.
ENISA decided to provide further guidance to SMEs on how to adopt security measures for the protection of personal data, following a risk-based approach. In particular, the objectives of the study were to facilitate SMEs in understanding the context of the personal data processing operation and subsequently assess the associated security risks.
As announced at the end of 2016, the Czech National Security Authority (NSA) is establishing a new headquarters for its National Cyber-Security Centre (NCSC) to protect the Czech Republic from hackers' attacks and other security incidents.
Europol's European Cybercrime Centre (EC3) Retail Cyber Hack exercise with MasterCard underlines the importance of improving information sharing on cyber crime as key to strengthening cyber security approaches across the European Union.
The U.S. Commerce Department’s National Institute of Standards and Technology (NIST) has released a self-assessment tool to help organisations better understand the effectiveness of their cyber-security risk management efforts.
The document is called Baldrige Cybersecurity Excellence Builder and it is based on two of the main NIST resources, the organisational performance evaluation strategies from the Baldrige Performance Excellence Program and the risk management mechanism from the Cyber Security Framework.
The National Institute of Standards and Technology (NIST) last week released an essential guide to help SMEs protecting their data and information.
"Small Business Information Security: The Fundamentals" is written for small-business owners not experienced in cybersecurity and explains basic steps they can take to better protect their information systems.