by John Verry | Jun 3, 2020 | IoT Security
I am on record as largely being a very big fan of NIST guidance. My only significant complaint is that they often produce too many forms of interrelated guidance on a single subject, often cross-referenced to dozens of other NIST...
by John Verry | Feb 13, 2020 | Privacy
GDPR, CCPA and the NIST Privacy Framework, OH MY! Like Dorothy in The Wizard of Oz, those of us concerned with privacy regulations seem to be following a yellow brick road. Although where this one ends there’s no all-powerful and...
by Michael Gargiullo | Mar 19, 2019 | InfoSec Strategies
Even in this era of near-daily data breach headlines, the Collection 1 trove gives one pause. What is being called the largest public breach ever is apparently just the tip of a gargantuan, 4TB iceberg of unique emails and passwords,...
by John Verry | Feb 4, 2019 | ISMS Consulting
Okay, that was harsh… But anyone who has had the “pleasure” of explaining the “simple complexity” of the NIST Cybersecurity Framework to management or other non-technical folks understands how challenging it can be. As the Virtual...
by John Verry | May 11, 2018 | Penetration Testing
Editor’s Note: This post was originally published in June 2013 and has been updated for accuracy and comprehensiveness. NIST/FISMA guidance is generally more prescriptive than most other forms of information security guidance....