Skip to content
    Home / Sector

    Sector

    NIST IR 8477 Mapping Relationships Between Documentary Standards, Regulations, Frameworks, and Guidelines

    NIST Interagency Report (IR) 8477, titled “Mapping Relationships Between Documentary Standards, Regulations, Frameworks, and Guidelines,” outlines a structured approach for mapping and documenting the relationships between elements-such as controls, requirements,… Read More »NIST IR 8477 Mapping Relationships Between Documentary Standards, Regulations, Frameworks, and Guidelines

    NIST SP 1800-28 Data Confidentiality: Identifying and Protecting Assets Against Data Breaches

    NIST Special Publication 1800-28, titled “Data Confidentiality: Identifying and Protecting Assets Against Data Breaches,” provides a comprehensive guide to help organizations identify and protect their data assets from unauthorized access… Read More »NIST SP 1800-28 Data Confidentiality: Identifying and Protecting Assets Against Data Breaches

    NIST SP 1800-29 Data Confidentiality: Detect, Respond to, and Recover from Data Breaches

    NIST Special Publication 1800-29, “Data Confidentiality: Detect, Respond to, and Recover from Data Breaches,” provides organizations with practical guidance on managing data confidentiality risks by focusing on the latter three… Read More »NIST SP 1800-29 Data Confidentiality: Detect, Respond to, and Recover from Data Breaches

    CSA Cloud Adversarial Vectors, Exploits, and Threats (CAVEaT™): An Emerging Threat Matrix for Industry Collaboration

    The Cloud Security Alliance’s (CSA) Cloud Adversarial Vectors, Exploits, and Threats (CAVEaT™) is an emerging, cloud-centric threat matrix designed to address the unique and rapidly evolving security risks in cloud… Read More »CSA Cloud Adversarial Vectors, Exploits, and Threats (CAVEaT™): An Emerging Threat Matrix for Industry Collaboration

    NIST SP 800-221 Enterprise Impact of Information and Communications Technology Risk: Governing and Managing ICT Risk Programs Within an Enterprise Risk Portfolio

    NIST SP 800-221 serves as the critical functional bridge between enterprise-level strategy and technical delivery, focusing on the Enterprise Impact of Information and Communications Technology (ICT) Risk. It moves beyond… Read More »NIST SP 800-221 Enterprise Impact of Information and Communications Technology Risk: Governing and Managing ICT Risk Programs Within an Enterprise Risk Portfolio

    ANSSI Recommendations for Secure Administration of AD-based IS (FRENCH)

    The ANSSI document “Recommandations pour l’administration sécurisée des SI reposant sur Active Directory” provides comprehensive guidance to secure information systems (SI) that rely on Microsoft’s Active Directory (AD). It emphasizes… Read More »ANSSI Recommendations for Secure Administration of AD-based IS (FRENCH)