Now two years old, the Cybersecurity Framework will get a few tweaks from NIST, but the community is generally happy with guidelines for securing the nation’s critical infrastructure. Information sharing remains a problem area, however.
Cybereye
A weekly column on all things cyber
Government’s IT legacy
Agencies are spending more than ever on maintaining legacy IT. But there was more smoke than fire at this week’s House committee hearing on legacy tech.
It is time to prepare for solar storms
As the U.S. power grid becomes increasingly vulnerable to electromagnetic disruptions—both natural and manmade—the clock is ticking toward possibly catastrophic solar storms that some scientists say are inevitable.
Future-proofing cryptography
Advances in quantum computing threaten the cryptographic systems now securing commercial and government communications. NIST is launching an effort to identify post-quantum algorithms that can resist this new paradigm.
Bringing cybersecurity to all things
As the boundary between the real world and cyberspace becomes more blurred, NIST is offering guidance for engineering cybersecurity into increasingly complex physical systems.
We’re losing the race to secure our smart autos
The use of IT systems in automobiles is outpacing industry’s ability to secure them, and effective government regulation is likely to be a decade or more away.
Living in the real world
The IRS is preparing for a digital future as if the Real World had already disappeared. It’s no surprise that the agency’s taxpayer service has gone to hell. IRS managers and their congressional overseers have to acknowledge that the Internet is not now—and probably never will be—the answer to everything.
Scheme for Format-Preserving Encryption can help secure personal data
NIST has published recommendations for using crypto algorithms such as AES for format-preserving encryption (FPE), which can be a big help in protecting personal financial and health data.
New Protection Profile brings security to valuable desktop real estate
A new Common Criteria protection profile for peripheral sharing switches boosts the security of desktop components where classified and unclassified networks converge.
Information sharing remains a challenge as Cybersecurity Framework matures
The Cybersecurity Framework is a work in progress. It has been generally well received by industry, but the old bugaboo of cybersecurity sharing remains a challenge as NIST mulls the next steps.