NIST SP 800-53 Revision 4 Vs. 5: Side-by-Side Comparison

NIST Special Publication 800-53 establishes information security standards and privacy control policies for federal agencies. Its goal is to secure assets, operations, users, and organizations in the US from a wide range of cyber threats—including malicious attacks, user error, and natural disasters. Overall, NIST SP 800-53 offers a holistic framework for information security. Government agencies,…

NIST SP 800-53 Compliance Checklist

NIST Special Publication (SP) 800-53 defines the best practices for implementing secure information systems to protect sensitive data. Originally published in 2005 to assist government agencies with FISMA (Federal Information Security Modernization Act), the publication has gone through several revisions over the years, and its language today can be applied to any organization that wants…

CIS Vs. NIST: Side-by-Side Comparison

There are multiple cybersecurity frameworks that organizations can use to improve their security posture. Perhaps the two most trusted sources for providing these standards are the Center for Internet Security (CIS) and the National Institute of Standards and Technology (NIST). Yet, despite the abundance of trusted frameworks, organizations still face the proverbial Goldilocks dilemma. On…

The Ultimate Manual to the Vulnerability Management Process

Cybersecurity is one of the most important aspects of running a business in the 21st century. In today’s digital world, businesses are increasingly reliant on technology, which makes them more vulnerable to cyberattacks. A cyberattack can have serious consequences for a business, including financial loss, reputational damage, and even legal liability. That’s why it’s so…

STIG Vs. CIS: Side-by-Side Comparison

Enterprise hardware and software assets come with default settings for easy use and quick deployment. However, these default configurations introduce security risks to the organization’s network. For example, open ports, unnecessary applications, and services provide hackers with potential attack vectors. Creating configuration standards from scratch is a tough sell for most organizations. So instead, they…

The Ultimate Manual to CIS Hardening Guidelines

The Center for Internet Security (CIS) comprises cybersecurity professionals and experts from around the world who identify, validate, and promote cyber defense security practices. The CIS has developed various international hardening standards and benchmarks that provide insight into improving your cybersecurity controls. Its hardening guidelines are a part of CIS’s mission to bring physical protection…

The Complete Guide To Securing Inbound Documents

Inbound documents are documents that are owned externally and shared with accounts at your company. More times than not, securing these documents is an afterthought because they are owned by other companies or external accounts. But this doesn’t make them any less risky. Oftentimes, these documents contain highly confidential company information, and they are not…

The Complete Guide to HIPAA Training Requirements

With the passage of HIPAA (Health Insurance Portability and Accountability Act) in 1996, companies handling a patient’s medical information needed to protect it. If your company handles medical information, you must protect it from hackers or others who do not need to see it. HIPAA spells out the type of information that needs protecting. Additionally,…
