Search Results for: NIST

Privacy Framework: NIST is in the House.

This month, NIST kicked off a series of public meetings to highlight its efforts to create a voluntary Privacy Framework. Much in the same way it developed the Cybersecurity Framework, NIST is trying to achieve a technology-privacy balance within the guidance by crowdsourcing its way there. By bringing in views from federal agencies, small businesses,…

Live Webinar NIST 800-171 Compliance Higher Education / Research Institutions

Thursday, May 10, 2018, 2 – 3pm EST. Heather Engel, Sera-Brynn’s Chief Strategy Officer, will discuss the challenges colleges and universities face as they attempt to secure their cyber infrastructure to comply with new federal regulations as a condition of receiving research grants. Sera-Brynn is a top 10 global cybersecurity compliance firm. “Most…

Sera-Brynn to present on NIST SP 800-171 Regulatory Requirements in Blacksburg, VA

Sera-Brynn’s Chief Strategy Officer, Heather Engel, will present a two-hour workshop on Strategic Planning for Cyber Risk: Protecting Data and Meeting Regulatory Requirements with NIST SP 800-171 on March 27, 2018 from 2:00pm to 4:00pm. Sponsored by the Virginia Tech Corporate Research Center, this session will discuss what these requirements may mean for your organization,…

Top 10 Mistakes in Implementing the NIST 800-171 Cybersecurity Requirements

Businesses supporting the U.S. Department of Defense work have 10 weeks left to fully comply with the cybersecurity provisions of the Defense Federal Acquisition Regulation Supplement (DFARS) clause 252.204-7012 and associated clauses. At Sera-Brynn, we’ve been advising clients on the DFARS and NIST requirements since 2014, and we’ve seen mistakes from companies of all sizes…

NIST Password Guidelines Change

By Colin Glover, Sera-Brynn Sr. Cybersecurity Analyst. The National Institute of Standards and Technology (NIST) recently updated their Digital Identity Guidelines, releasing NIST SP 800-63-3. This four-volume set, 800-63-3, 800-63A, 800-63B, and 800-63C, provides technical requirements for federal agencies implementing digital identity services. Of most importance to the DoD requirement for the protection of Covered…

Achieving NIST 800-171 Compliance: Steps You Can Take

Now that April is here, we are nine months away from NIST 800-171 compliance for defense contractors. As the deadline approaches, it will become more difficult to implement the controls in a cost-effective way that actually offsets risk. If your organization hasn’t already started, further delays will impact your ability to think carefully about what…

NIST 800-171 vs NIST 800-53: Big Differences

By Heather Engel, EVP Risk Management. When evaluating your compliance with Defense Federal Acquisition Regulation Supplement (DFARS) 252.204-7012 and related clauses, or Federal Acquisition Regulations (FAR) Ruling 52.204-21, it’s important to understand the differences between the various National Institute of Standards and Technology (NIST) publications (https://www.nist.gov/publications). We’ll try to simplify it as much as possible,…

New CUI Rules as Described in NIST 800-171 and DFARS 252.204-7012

Our clients often ask us how to tell what information is considered Controlled Unclassified Information (CUI) or Classified Defense Information (CDI) as described in NIST 800-171 and Defense Federal Acquisition Regulation Supplement (DFARS) clause 252.204-7012. Understanding how information is stored, processed or transmitted within your company is essential because NIST 800-171 control 3.8.4…

NIST Releases Revision Impacting Defense Contractors, DFARS

The National Institute of Standards and Technology has released a draft Special Publication of NIST SP 800-171 Revision 1, Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations. This publication is the standard required for compliance with Defense Federal Acquisition Regulation 252.204-7012. You can read a summary of changes on the NIST download page,…

DFARS 252.204-7012, NIST 800-171 and Continuous Monitoring

By Heather Engel, Sera-Brynn, Executive Vice President. This article is the fourth in a series. One of Sun Tzu’s more famous quotes from his book, “The Art of War,” is this: “The supreme art of war is to subdue the enemy without fighting.” Although the cagey, ancient Chinese general could not comprehend a future of…