The National Institute of Standards and Technology (NIST) has recently provided a glimpse into their revised Risk Management Framework (RMF). NIST issued a Final Draft of Special Publication (SP) 800-37, Revision 2, Risk Management Framework for Information Systems and Organizations–A System Life Cycle Approach for Security and Privacy. The focus of the revised
Cybersecurity Rule
Navy Boils The Ocean on Cyber
The Navy has recently issued a policy memorandum entitled “Implementation of Enhanced Security Controls on Select Defense Industrial Base Partner Networks” that calls for heightened cybersecurity requirements and oversight for “critical” government contractors handling their sensitive government data, broadly referred to as controlled unclassified information (“CUI”) or “covered defense information” (CDI) within the defense sector. …
Colorado’s New Data Privacy Bill Increases Notification and Safeguarding Requirements
The Colorado legislature recently passed a new data privacy law, House Bill 18-1128, which heightens requirements for corporate and public entities handling personal information of Colorado residents. Effective September 1, 2018, the law aims to strengthen consumer data privacy by 1) shortening the time frame required to notify affected Colorado residents and the Attorney…