Ok, it’s another Friday night and I was just scanning around the web and came across an interesting series of videos over on FedScoop.com. They run a feature called FedMentors and it included a set of six videos featuring Ron Ross answering several questions. One of the quick-hitting videos highlighted him pondering the question “What’s...
Tags: career, fedscoop, infosec, nist, ross
Posted in Best Of | 6 Comments »
Every once in a while in my corporate gig some snarky guy with some book smarts and no actual infosec experience poses this question to show off. While I passed my CISSP years ago, which is where I would have probably memorized this, I often have a hard time recollecting the exact difference. Mr....
Tags: cissp, definition, ia, infosec, ir7298, nist
Posted in Best Of | 9 Comments »
Ok, I had to go with the “Words Starting with N” theme. Oh and by Notes, I really mean Comments. And by NICE I really mean the National Initiative for Cybersecurity Education. I had been meaning to write about this a little sooner as you can tell by the dates of the articles referenced...
Tags: education, govinfosecurity, infosec, infosecisland, nice, nist, Training
Posted in News | 2 Comments »
I came across an article over at GovInfoSecurity.com where they interviewed Ron Ross about the future of Special Publication 800-53. As most of you have probably heard there is a draft appendix that contains a bunch of new privacy controls. We discussed this a while ago, mentioning how in most cases new controls are...
Tags: 800-53, cloud, controls, govinfosecurity, nist, privacy
Posted in News | 3 Comments »
If you haven’t heard, NIST has recently published Special Publication 800-128: Guide for Security Configuration Management of Information Systems. Local NoVA blogger Chris “@cyberhiker” Burton recently put out a detailed post with his thoughts on this newly released document. Based on Chris’s review, it looks like a step in the right direction … but...
Tags: 800-128, cm, configuration, management, nist
Posted in Infosec Blogs/Podcasts | 2 Comments »
In case you missed the announcement on Tuesday, National Institute of Standards and Technology (NIST) has released a draft of new privacy controls to be included in the next update of Special Publication (SP) 800-53. Currently referred to as SP 800-53 Appendix J, the update provides the first steps to standardizing what privacy means...
Tags: 800-53, fisma, govinfosecurity, nist, privacy, ross
Posted in News | 3 Comments »
We’ve been hearing it for a while now. I know some that have already thought about this a lot. And I know some others that say they are going to contribute. But then I know many that didn’t even know… What exactly am I talking about? Well, it’s just an update to one of...
Tags: 800-53, control, infosec, nist
Posted in News | No Comments »
Every once in a while an opportunity presents itself to effect some real change in federal information security practice. Now is such a time. A slew of new NIST documents are being released between now and April. These are the core NIST documents that describe how to satisfy FISMA. They include NIST SPs 800-30 Revision...
Tags: 800-30, c&a, fisma, government, infosec, nist, novablogger, security
Posted in Infosec Blogs/Podcasts | 1 Comment »
The ISSA – DC Chapter meetup this upcoming Tuesday, June 16th will discuss the upcoming changes in NIST 800-53 and why you should care about them. According to the ISSA – DC site, “Helping organizations develop an enterprise-wide risk management strategy that integrates information security requirements into mission/business processes and the information systems supporting...
Tags: dc, don-ross, Events, information security, infosec, issa-dc, issa-dc-chapter, md, nist, nova, radio-free-asia, security
Posted in NoVA Meetups | No Comments »
TheTrainingCo will be holding this year’s Techno Forensics Conference infosec event next week. This is the second of the many conferences this week. Here are the logistics for this year’s conference:
Tags: conference, event, infosec, nist, nova, techno forensics, techsec
Posted in Infosec Conferences | No Comments »