Thursday, April 25, 2024

Security Boulevard

The Home of the Security Bloggers Network

Community Chats Webinars Library

Home
Security Creators Network
Webinars
Events
- Upcoming Events
- On-Demand Events
Sponsored Content
Chat
Library
Related Sites
Media Kit
About
Sponsor

Analytics
AppSec
CISO
Cloud
DevOps
GRC
Identity
Incident Response
IoT / ICS
Threats / Breaches
More
Humor

Hot Topics

It’s All About Data: How to Drive Secure Use of AI
Navigating the Evolving Threat Landscape: Addressing 2024 CISO and Security Team Goals with MixMode
Episode 16
Shared responsibility
Cyber Threats in the Age of AI: Protecting Your Digital DNA

Data Security Security Bloggers Network

Home » Cybersecurity » Data Security » DATA SECURITY AND NIST COMPLIANCE

DATA SECURITY AND NIST COMPLIANCE

by Jacqueline von Ogden on November 6, 2018

When hearing the words NIST Compliance, businesses not familiar with the Federal Information Security Management Act (FISMA) terminology and procedures may cringe, but they don’t have to. National Institute of Standards and Technology (NIST) compliance and data security is required for DOD contractors and sub-contractors.

Organizations working and dealing with controlled unclassified information must comply with NIST SP 800-171. As a subset of NIST 800-53, the latest NIST SP 800-171 release covers Controlled Classified Information (CUI).

Techstrong Con 2024

Sponsorships Available

Sponsorships Available

Sponsorships Available

Defining NIST Compliance

Before the requirements of NIST are discussed, it is best to define compliance-related terms.

Controlled Unclassified Information (CUI) : CUI is sensitive information that relates to the interests of the US, but not regulated by the Federal governments.
Federal Information Security Management Act (FISMA): Federal law enacted in 2002 requiring federal agencies to develop, implement and document infosec programs.
Categories within FISMA include:
- System Integrity (SI)
- (Read more...)

*** This is a Security Bloggers Network syndicated blog from Cimcor Blog authored by Jacqueline von Ogden. Read the original post at: https://www.cimcor.com/blog/data-security-and-nist-compliance

November 6, 2018November 6, 2018 Jacqueline von Ogden Data Security, NIST, security

← Researchers crack disk encryption in popular Samsung and Crucial SSDs
Buying Open Source →

Techstrong TV

Click full-screen to enable volume control

Watch latest episodes and shows

Upcoming Webinars

Mastering AI Security Posture Management for Cloud Security Professionals

Building better AppSec programs with ASPM

The Promise and Perils of AI

How Are You Protecting Your Company from API Security Breaches?

How Many Types of SBOM Are There?

Podcast

Listen to all of our podcasts

Press Releases

GoPlus's Latest Report Highlights How Blockchain Communities Are Leveraging Critical API Security Data To Mitigate Web3 Threats

GoPlus’s Latest Report Highlights How Blockchain Communities Are Leveraging Critical API Security Data To Mitigate Web3 Threats

C2A Security’s EVSec Risk Management and Automation Platform Gains Traction in Automotive Industry as Companies Seek to Efficiently Meet Regulatory Requirements

C2A Security’s EVSec Risk Management and Automation Platform Gains Traction in Automotive Industry as Companies Seek to Efficiently Meet Regulatory Requirements

Zama Raises $73M in Series A Lead by Multicoin Capital and Protocol Labs to Commercialize Fully Homomorphic Encryption

Zama Raises $73M in Series A Lead by Multicoin Capital and Protocol Labs to Commercialize Fully Homomorphic Encryption

RSM US Deploys Stellar Cyber Open XDR Platform to Secure Clients

RSM US Deploys Stellar Cyber Open XDR Platform to Secure Clients

ThreatHunter.ai Halts Hundreds of Attacks in the past 48 hours: Combating Ransomware and Nation-State Cyber Threats Head-On

ThreatHunter.ai Halts Hundreds of Attacks in the past 48 hours: Combating Ransomware and Nation-State Cyber Threats Head-On

Subscribe to our Newsletters

Most Read on the Boulevard

Akira Ransomware Group Takes in $42 Million From 250 Attacks in a Year

Nigeria, Romania, Russia, U.S. Among Top Cybercrime Nations

UnitedHealth: Ransomware Attackers Stole Huge Amount of Data

BreachRx Gets $6.5 Million to Automate Security Incident Response

Oak Ridge, McCrary Institute Establish Cybersecurity Center Focused on Electrical Grid

Review: ‘Artificial Intelligence — A Primer for State and Local Governments’

The 10 Women in Cybersecurity You Need to Follow

TA547 Phishing Attack: German Companies Hit With Infostealer

Understanding Spectre V2: A New Threat to Linux Systems

10 Essentials Every Anti-Phishing Course Must Have

Industry Spotlight

Cyberlaw Cybersecurity Data Privacy Data Security Featured Industry Spotlight Mobile Security Network Security News Security Awareness Security Boulevard (Original) Social - Facebook Social - LinkedIn Social - X Spotlight

HHS Strengthens Privacy of Reproductive Health Care Data

April 23, 2024 Jeffrey Burt | 1 day ago 0

Cloud Security Cybersecurity Data Privacy Data Security Featured Identity & Access Incident Response Industry Spotlight Malware Network Security News Security Boulevard (Original) Social - Facebook Social - LinkedIn Social - X Spotlight Threats & Breaches

UnitedHealth: Ransomware Attackers Stole Huge Amount of Data

April 23, 2024 Jeffrey Burt | 1 day ago 0

API Security Application Security Cloud Security Cloud Security Cyberlaw Cybersecurity Data Privacy Deep Fake and Other Social Engineering Tactics Editorial Calendar Featured Governance, Risk & Compliance Humor Identity & Access Identity and Access Management Industry Spotlight Insider Threats IOT IoT & ICS Security Mobile Security Most Read This Week News Popular Post Regulatory Compliance Securing the Cloud Security Awareness Security Boulevard (Original) Social - Facebook Social - LinkedIn Social - X Social Engineering Spotlight Threats & Breaches Zero-Trust

House Passes Privacy-Preserving Bill, but Biden Blasts it

April 18, 2024 Richi Jennings | Apr 18 0

Top Stories

Featured News Security Boulevard (Original) Social - Facebook Social - LinkedIn Social - X Spotlight

Cradlepoint Adds SASE Platform for 5G Wireless Networks

April 24, 2024 Michael Vizard | Yesterday 0

Cloud Security Cybersecurity Data Privacy Data Security Featured Malware Network Security News Security Boulevard (Original) Social - Facebook Social - LinkedIn Social - X Spotlight Threat Intelligence Threats & Breaches

CoralRaider Group Delivers Three Infostealers via CDN Cache

April 24, 2024 Jeffrey Burt | Yesterday 0

Analytics & Intelligence Cloud Security Cybersecurity Featured Identity & Access News Security Awareness Security Boulevard (Original) Social - Facebook Social - LinkedIn Social - X Spotlight Threat Intelligence Threats & Breaches Vulnerabilities

DirectDefense Report Sees Shifts in Cyberattack Patterns

April 24, 2024 Michael Vizard | Yesterday 0

Security Humor

Daniel Stori's ‘New Job’

Daniel Stori’s ‘New Job’

Download Free eBook

7 Must-Read eBooks for Security Professionals

Join the Community

Add your blog to Security Creators Network
Write for Security Boulevard
Bloggers Meetup and Awards
Ask a Question
Email: [email protected]

Useful Links

About
Media Kit
Sponsor Info
Copyright
TOS
DMCA Compliance Statement
Privacy Policy

Related Sites

Techstrong Group
Cloud Native Now
DevOps.com
Digital CxO
Techstrong Research
Techstrong TV
Techstrong.tv Podcast
DevOps Chat
DevOps Dozen
DevOps TV

Powered by Techstrong Group

Copyright © 2024 Techstrong Group Inc. All rights reserved.

Secure Guardrails

Step 1 of 8

12%

Secure Guardrails Definition:

Secure guardrails enforce secure practices within software development workflows.

Does your organization currently implement secure guardrails in the software development process?(Required)

Yes, extensively across all projects

Yes, but only in specific projects or teams

In the process of implementation

No, but planning to in the near future

No, and no plans to implement

What are the biggest challenges you face in implementing secure guardrails within your development processes? (Select all that apply)(Required)

Lack of awareness or understanding

Technical difficulties in integration

Resistance from development teams

Lack of suitable tools

Cost constraints

Other

Other, tell us more:

How effective do you find secure guardrails in preventing security vulnerabilities in your projects? Rate on a scale from 1 (Not effective) to 5 (Highly effective)(Required)

1

2

3

4

5

To what extent are your secure guardrails automated?(Required)

Fully automated

Mostly automated with some manual processes

Equally automated and manual

Mostly manual with some automation

Entirely manual

What features do you prioritize in a secure guardrail solution? (Rank in order of importance)

Ease of integration into existing workflows
Comprehensive coverage of security vulnerabilities
Customizability for specific project needs
Minimal impact on development speed
Actionable insights and recommendations
Support for a wide range of programming languages and frameworks

What are your organization's plans regarding the adoption or enhancement of secure guardrails within the next 12 months?(Required)

Expand the use of secure guardrails to more projects

Enhance the capabilities of existing secure guardrails

Maintain current level of secure guardrail use without changes

Reduce reliance on secure guardrails

No plans related to secure guardrails

What best describes your primary role?(Required)

Security Engineer

DevOps Engineer

Platform Engineer

Security champion on the development team

Software Developer

CISO (or equivalent)

Sr. Management (CEO, CTO, CIO, CPO, VP)

Manager, Director

Other

Δ