NIST CSF Function PR
The Protect (PR) Function is the primary defensive pillar of the NIST Cybersecurity Framework (CSF) 2.0, operating as the “safeguard” engine since its inception to provide a unified technical response to identified cyber risks. The PR Function supports both infrastructure teams and data owners by offering a suite of proactive controls, such as identity management and encryption, to reduce the likelihood and impact of adverse events and to help make the organization the safest place for business-critical services to operate. Acting as the framework’s “armor,” the PR Function monitors access attempts, issues requirements for security awareness training, coordinates with the Identify function to ensure the most critical assets receive the strongest protections, and serves as the single point of mitigation before an incident occurs, ensuring a coordinated and resilient technical approach to cybersecurity.
The OWASP LLM AI Cybersecurity & Governance Checklist provides organizations with a structured framework to manage the risks and responsibilities associated with deploying Large Language Models (LLMs). It covers 13… Read More »OWASP LLM Applications Cybersecurity and Governance Checklist v1.1
The CNIL Practice Guide for the Security of Personal Data (2024 edition) provides comprehensive guidance for organizations to implement appropriate technical and organizational measures to protect personal data in compliance… Read More »CNIL Practice Guide for the Security of Personal Data
NIST Special Publication 1800-28, titled “Data Confidentiality: Identifying and Protecting Assets Against Data Breaches,” provides a comprehensive guide to help organizations identify and protect their data assets from unauthorized access… Read More »NIST SP 1800-28 Data Confidentiality: Identifying and Protecting Assets Against Data Breaches
NIST Special Publication 1800-29, “Data Confidentiality: Detect, Respond to, and Recover from Data Breaches,” provides organizations with practical guidance on managing data confidentiality risks by focusing on the latter three… Read More »NIST SP 1800-29 Data Confidentiality: Detect, Respond to, and Recover from Data Breaches
The NCSC Guidelines for Secure AI System Development provide comprehensive recommendations to ensure that AI systems are designed, developed, deployed, and operated securely throughout their entire lifecycle. The guidelines are… Read More »NCSC Guidelines for Secure AI System Development
The Cloud Security Alliance’s (CSA) Cloud Adversarial Vectors, Exploits, and Threats (CAVEaT™) is an emerging, cloud-centric threat matrix designed to address the unique and rapidly evolving security risks in cloud… Read More »CSA Cloud Adversarial Vectors, Exploits, and Threats (CAVEaT™): An Emerging Threat Matrix for Industry Collaboration
The ANSSI document “Recommandations pour l’administration sécurisée des SI reposant sur Active Directory” provides comprehensive guidance to secure information systems (SI) that rely on Microsoft’s Active Directory (AD). It emphasizes… Read More »ANSSI Recommendations for Secure Administration of AD-based IS (FRENCH)
NIST Special Publication 800-82 Revision 3, titled “Guide to Operational Technology (OT) Security,” provides comprehensive guidance on securing operational technology systems, which include a wide range of programmable devices and… Read More »NIST SP 800-82 Rev. 3 Guide to Operational Technology (OT) Security
The CIS Software Supply Chain Security Guide, developed in collaboration with Aqua Security, offers over 100 foundational security recommendations aimed at safeguarding the software supply chain across various technologies and… Read More »CIS Software Supply Chain Security Guide
The CIS Controls Cloud Companion Guide v8 provides detailed guidance on applying the security best practices from CIS Controls version 8 to cloud environments from the consumer or customer perspective.… Read More »CIS Controls Cloud Companion Guide v8