NIST
MITRE Crisis: CVE Cash Ends TODAY — CISA says ‘No Lapse’
These are “interesting” times: U.S. government funding for the Common Vulnerabilities and Exposures program expires April 16 ...
NIST Deprioritizes Pre-2018 CVEs as Backlog Struggles Continue
NIST, which for more than a year has been struggling to address a backlog of CVEs in its database following budget cuts, is now putting pre-2018 vulnerabilities on the back burner to ...
The Importance of Code Signing Best Practices in the Software Development Lifecycle
To ensure a secure software supply chain, the need for robust security measures cannot be overstated. One such measure, which serves as a cornerstone for safeguarding software authenticity and integrity, is code ...
NIST SP 800-171 Rev 2 vs Rev 3: What’s The Difference?
Government cybersecurity and information security frameworks are a constant work in progress. Many different frameworks draw their requirements from the National Institute of Standards and Technology, and one of the most important ...
NIST Releases New Report on Crypto-Agility – What You Need to Know Now
If you’re keeping up with post-quantum cryptography (PQC), here’s some big news: The U.S. National Institute of Standards and Technology (NIST) has released a fresh initial public draft of a Cybersecurity Whitepaper ...
Key Post-Quantum Cryptography Insights from the Executive Order On Strengthening And Promoting Innovation in the Nation’s Cybersecurity
Ever since the U.S. National Institute of Standards and Technology (NIST) set 2030 as the deadline for retiring legacy encryption algorithms like RSA and ECDSA, the PKI industry is abuzz with activity ...
Key Takeaways from the Latest NIST Guidance on Transitioning to Post-Quantum Cryptography
NIST recently released an Initial Public Draft (IPD) report on transitioning from traditional public-key cryptographic algorithms to standardized post-quantum cryptography (PQC). This report details NIST’s roadmap for the PQC adoption, including timelines ...
In a Growing Threat Landscape, Companies Must do Three Things to Get Serious About Cybersecurity
Several macro-trends – such as growing digital transformation, rising hybrid work and, especially, booming AI adoption – have created an increasingly sophisticated threat landscape ...
A Closer Look at NIST’s Legacy Encryption Algorithm Transition Plans and Finalized PQC Algorithm Standards
NIST sets key deadlines for retiring legacy encryption algorithms, with widely-used methods like RSA, ECDSA, EdDSA, DH, and ECDH set for deprecation by 2030 and full phase-out by 2035. Last week, NIST ...
Chinese Research Using Quantum System to Crack Encryption a ‘Cautionary Tale’
Chinese researchers used a D-Wave quantum computer to crack a 22-bit encryption key, which can be used as a cautionary tale for what may lie ahead with future quantum systems but doesn't ...
