NIST

BackBox Unveils Major Update to Network Vulnerability Manager, Enhancing CVE Mitigation and Risk Scoring

Retrieved on: 
Tuesday, March 26, 2024
User interface, OS, CISA, NIST, National Vulnerability Database, BackBox, NVD, CVE, NVM, Risk management

DALLAS, March 26, 2024 /PRNewswire/ -- After releasing Network Vulnerability Manager (NVM) in Q4 2023, BackBox, a leader in security-centric automation for network teams, has announced a major platform feature update that gives customers the ability to mark irrelevant or already-mitigated Common Vulnerabilities and Exposures (CVEs) as "mitigated," helping network teams manage CVEs and their relevance to the organization.

Key Points: 
  • BackBox has also improved its User Interface (UI)  to help network engineers manage mitigated CVEs and give them the flexibility to view their organization's risk posture either by CVE or by device.
  • "Our customers appreciate that we make network vulnerability management easy by empowering them to see their risk scores update in real-time through the CVE 'mitigated' feature and closed-loop remediation," said BackBox CEO Andrew Kahl.
  • BackBox launched Network Vulnerability Manager in October 2023 to integrate automated OS upgrades and network configuration management capabilities with network vulnerability management into common workflows.
  • NVM is purpose-built for network teams to easily discover vulnerabilities in their network, prioritize CVEs according to their unique risk profile, and automate remediation, no matter the network complexity.

Clarkson University Announces New Cybersecurity Masters Program

Retrieved on: 
Monday, March 25, 2024
SRC, Risk management, Computer science, AIS, Education, OSS, Internet, Research, Artificial intelligence, Clarkson University, University, AI, Postgraduate education, Computer engineering, Electricity, Unisys, IBM, VMware, Student, NIST, Master, Lockheed Martin, Machine learning, Multimedia, COSI, Government

Clarkson University is rising to meet this challenge by offering a new Masters degree in Cybersecurity.

Key Points: 
  • Clarkson University is rising to meet this challenge by offering a new Masters degree in Cybersecurity.
  • The depth and range of research in the field of Cybersecurity already being conducted by Clarkson University faculty serves to bolster the education of students entering the program.
  • Students in Clarkson's Cybersecurity program will have access to a variety of resources, including the Clarkson Open Source Institute (COSI) .
  • For more information about the Cybersecurity degree program at Clarkson University, visit clarkson .edu/cybersecurity .

Hancom announces strategic investment in Spanish AI biometric company FacePhi

Retrieved on: 
Monday, March 25, 2024
Certification, Face, Forgery, Voice recognition, Acquisition, AI, NIST, Investment, Pupil, Yeon, Facial recognition

BARCELONA and SEOUL, South Korea, March 25, 2024 /PRNewswire/ -- Hancom (CEO Seong-jun Byun and Yeon-soo Kim) plans to make a strategic investment in FacePhi, a Spanish artificial intelligence (AI) biometric company.

Key Points: 
  • BARCELONA and SEOUL, South Korea, March 25, 2024 /PRNewswire/ -- Hancom (CEO Seong-jun Byun and Yeon-soo Kim) plans to make a strategic investment in FacePhi, a Spanish artificial intelligence (AI) biometric company.
  • This investment agreement will allow Hancom to make equity investments in FacePhi and secure exclusive business rights to FacePhi in the APAC region.
  • Listed simultaneously on the Spanish and French stock exchanges, FacePhi holds various AI-based biometric technologies such as face, fingerprint, pupil, and voice recognition technologies required for biometric authentication.
  • "We will continue to lead the AI market by actively promoting collaboration with, investment in, and acquisition of competent AI businesses."

2024 U.S. Celebration of World Standards Day to Highlight Standards for Climate Change Amidst "A Shared Vision for a Better World"

Retrieved on: 
Friday, March 22, 2024
Climate change, Environment, American National Standards Institute, Collaboration, NIBS, NHC, NIST, WSD, Multimedia, Government, ANSI

NEW YORK, March 22, 2024 /PRNewswire/ -- Collaboration is the key to achieving shared goals. The U.S. standardization system has the greatest impact when all stakeholders work together. Particularly as our climate continues to change, the standards community and the whole of the built environment must be resilient and ready to face the challenges ahead. Recognizing the progress that the standards community makes together for the greater good, the 2024 U.S. Celebration of World Standards Day (WSD) will celebrate the theme, "A Shared Vision for a Better World: Standards for the Changing Climate."

Key Points: 
  • Particularly as our climate continues to change, the standards community and the whole of the built environment must be resilient and ready to face the challenges ahead.
  • Recognizing the progress that the standards community makes together for the greater good, the 2024 U.S. Celebration of World Standards Day (WSD) will celebrate the theme, "A Shared Vision for a Better World: Standards for the Changing Climate."
  • In 2024, the standards community will reflect on how we can achieve more through collaborative standardization efforts, developing solutions for complex global challenges.
  • The celebration will highlight how working together can counter the negative impacts of climate change for a better, more resilient, and more equitable world for the next generation.

TrustArc & Privya.ai Launch Comprehensive Data Automation for Privacy & AI Governance

Retrieved on: 
Thursday, March 21, 2024
AdChoices, Certification, DPIA, Organization, TrustArc, Risk, Partnership, IAB, ROPA, SAN, GDPR, Classification, CMP, NIST, OECD, Data collection, Privacy, Collection, Marketing, Medical device

TrustArc's and Privya's integrated offering encompasses data creation, collection, classification, risk analysis, and reporting for privacy and security compliance, completed in days versus months.

Key Points: 
  • TrustArc's and Privya's integrated offering encompasses data creation, collection, classification, risk analysis, and reporting for privacy and security compliance, completed in days versus months.
  • Key capabilities include continuous code-based data discovery, automated privacy and security risk analysis, and on-demand regulatory reporting.
  • Following industry best practices, the integrated partner solutions automate today's privacy processes, track high-risk AI use cases, check for conformity with regulations, and expose third-party vendors to provide continuous monitoring and enhanced AI transparency.
  • TrustArc's proprietary risk engine includes controls from 130+ laws and standards, including NIST AI and OECD AI, to ensure robust privacy and security risk analysis.

Tuya Smart Shares Front-line Insights to Advance Discussions on Cyber Norms in Europe

Retrieved on: 
Thursday, March 21, 2024
Comprehension, Certification, Organization, TrustArc, Internet of things, Partnership, International, White paper, GDPR, Tuya, CCPA, Research institute, Leiden University, AWS, Senior, NIST, Amazon Web Services, Computer security, Security studies, HKEX, Legislation, Security, University of Bonn, Medical device

THE HAGUE, Netherlands, March 21, 2024 /PRNewswire/ -- Tuya Smart (NYSE: TUYA, HKEX: 2391), a global IoT developer service provider, shared front-line insights at a cyber norms forum co-hosted by the Research Center for Global Cyberspace Governance (RCGCG) and the Cyber Security Governance of Leiden University to further advance discussions on cybersecurity regulation in Europe.

Key Points: 
  • THE HAGUE, Netherlands, March 21, 2024 /PRNewswire/ -- Tuya Smart (NYSE: TUYA, HKEX: 2391), a global IoT developer service provider, shared front-line insights at a cyber norms forum co-hosted by the Research Center for Global Cyberspace Governance (RCGCG) and the Cyber Security Governance of Leiden University to further advance discussions on cybersecurity regulation in Europe.
  • "Overcoming these challenges demands a comprehensive strategy, incorporating national governance, innovative enterprise-level solutions, and global cooperation," said Holmes Chen, Senior PR Director of Tuya Smart.
  • On the global stage, Tuya has demonstrated its cybersecurity and data protection prowess through the Ernst & Young SOC 2 Audit program.
  • Discussions at the forum also touched on the latest advancements in European legislation, discussing the EU Cybersecurity Act and the European Cyber Resilience Act.

Nonprofit Federal Alliance for Safe Homes (FLASH) Identifies Tornado Safety Knowledge Gaps and Launches 2024 #TornadoStrong Educational Campaign

Retrieved on: 
Tuesday, March 19, 2024
NIST, FLASH, Tornado, Federal Alliance (South Africa), Tornado Alley, Safety, Property insurance

TALLAHASSEE, Fla., March 19, 2024 /PRNewswire/ -- As the spring tornado season approaches, the latest survey conducted by the nonprofit Federal Alliance for Safe Homes (FLASH) sheds light on persistent challenges in tornado safety awareness among Americans residing in high-risk locations. The annual research effort, Is America #TornadoStrong?, engaged 500 residents across 12 tornado-prone states to gauge their understanding of protective measures, home strengthening, and increasingly affordable safe rooms and storm shelters.

Key Points: 
  • TALLAHASSEE, Fla., March 19, 2024 /PRNewswire/ -- As the spring tornado season approaches, the latest survey conducted by the nonprofit Federal Alliance for Safe Homes (FLASH) sheds light on persistent challenges in tornado safety awareness among Americans residing in high-risk locations.
  • Nearly 95% of U.S. counties have experienced tornado watches within the last five years.
  • "However, we have yet to reach our goal of making tornado safety second nature for all in harm's way."
  • Furthermore, the survey identifies a significant gap in awareness regarding the life-saving potential of safe rooms.

TPx's New Virtual Compliance Officer Solution Helps Companies Maintain Defensibility Against Ever-Changing Regulations

Retrieved on: 
Tuesday, March 19, 2024
Security Advisory Services, Risk, CMMC, Senior, NIST, HIPAA, Computer security, MSP, Audit

AUSTIN, Texas, March 19, 2024 /PRNewswire-PRWeb/ -- TPx, a leading nationwide managed services provider (MSP) delivering managed networks, cybersecurity and cloud communications, has launched a Virtual Compliance Officer solution as part of its Security Advisory Services to help companies navigate and manage their information security compliance.

Key Points: 
  • TPx has launched a Virtual Compliance Officer solution as part of its Security Advisory Services to help companies navigate and manage their information security compliance.
  • AUSTIN, Texas, March 19, 2024 /PRNewswire-PRWeb/ -- TPx , a leading nationwide managed services provider (MSP) delivering managed networks, cybersecurity and cloud communications, has launched a Virtual Compliance Officer solution as part of its Security Advisory Services to help companies navigate and manage their information security compliance.
  • With complex and ever-changing regulations, TPx's Virtual Compliance Officer solution offers comprehensive oversight of compliance and legal standards, reducing the risk of non-compliance.
  • For more information about TPx's Virtual Compliance Officer offering, please visit: https://www.tpx.com/services/managed-it/security-advisory-services/ .

Exostar Enhances The Exostar Platform's Onboarding Module to Include Defense Industrial Base's Cybersecurity Compliance and Risk Assessment

Retrieved on: 
Tuesday, March 19, 2024
Department of Defence, LM, Supply chain, CCRA, Innovation, Risk management, Cybersecurity Maturity Model Certification, Working Group, Risk, Huntington Ingalls Industries, National security, Rolls-Royce, Risk assessment, CMMC, OBM, Senior, Supply, CSQ, NIST, Certification, Lockheed Martin, Computer security, Completeness, Grumman, Microsoft Excel, RTX, Defense industrial base, BAE Systems, DIB

HERNDON, Va., March 19, 2024 /PRNewswire/ -- Exostar, a leader in trusted, secure business collaboration and NIST 800-171 and CMMC solutions for the aerospace and defense industry, today announced The Exostar Platform's Onboarding Module now supports the Cybersecurity Compliance and Risk Assessment (CCRA).  Prime contractors throughout the Defense Industrial Base (DIB) have begun to use the CCRA to gather cybersecurity information from the companies throughout their global, multi-tiered supply chains to assess compliance, understand and manage risk, and evaluate partnerships.

Key Points: 
  • Exostar's Onboarding Module automates the delivery, completion & sharing of the CCRA across the Exostar community.
  • The CCRA provides a standardized, consistent means for collecting cybersecurity compliance data and calculating supplier risk.
  • The Exostar Platform's Onboarding Module , which provides supplier visibility and risk management functionality throughout the relationship life cycle, automates the completion and sharing of the CCRA, adding even greater value.
  • "Now, all DIB companies can leverage The Exostar Platform's Onboarding Module to accelerate CCRA adoption."

dotCMS Successfully Achieves TX-RAMP Certification, Texas Risk and Authorization Management Program

Retrieved on: 
Tuesday, March 19, 2024
Certification, Trust, Education, Information, Level 2, NIST, Computer security, Level 1, Cloud computing, DotCMS, DIR, Medical device

MIAMI, March 19, 2024 /PRNewswire-PRWeb/ -- dotCMS announced today that the leading hybrid-headless content management system is now TX-RAMP Level 2 certified.

Key Points: 
  • MIAMI, March 19, 2024 /PRNewswire-PRWeb/ -- dotCMS announced today that the leading hybrid-headless content management system is now TX-RAMP Level 2 certified.
  • TX-RAMP, the Texas Risk and Authorization Management Program , is a framework established by the Texas Department of Information Resources (DIR) to ensure the security of cloud computing services that process, store, or transmit data for state agencies, including institutions of higher education and public community colleges.
  • The program is built on baseline security requirements derived from the National Institute of Standards and Technology (NIST) 800-53.
  • This marks a significant accomplishment in our ongoing commitment to top-tier cybersecurity," says Dr. Mehdi Karimi, Director of Cybersecurity at dotCMS.