Cyber Compliance Watch

NIST SP 1800-25 Data Integrity: Identifying and Protecting Assets Against Ransomware and Other Destructive Events

April 1, 2020April 27, 2025
Data Protection & AI

NIST SP 1800-25, titled “Data Integrity: Identifying and Protecting Assets Against Ransomware and Other Destructive Events,” provides practical guidance for organizations to identify, protect, and… Read More »NIST SP 1800-25 Data Integrity: Identifying and Protecting Assets Against Ransomware and Other Destructive Events

NIST SP 800-37 Rev. 2 Risk Management Framework for Information Systems and Organizations: A System Life Cycle Approach for Security and Privacy

December 1, 2018April 29, 2025
Governance Framework

NIST Special Publication 800-37, Revision 2, titled “Risk Management Framework for Information Systems and Organizations: A System Life Cycle Approach for Security and Privacy,” provides… Read More »NIST SP 800-37 Rev. 2 Risk Management Framework for Information Systems and Organizations: A System Life Cycle Approach for Security and Privacy

ISO/IEC 27000:2018 Information technology — Security techniques — Information security management systems — Overview and vocabulary

January 1, 2018April 29, 2025
Governance Framework

The ISO 27000 standard provides an overview and introduction to the ISO 27000 family, which is a series of international standards focused on information security… Read More »ISO/IEC 27000:2018 Information technology — Security techniques — Information security management systems — Overview and vocabulary

ISO/IEC 27003:2017 Information technology — Security techniques — Information security management systems — Guidance

March 1, 2017April 29, 2025
Governance Framework

ISO/IEC 27003 provides detailed guidance for organizations on how to implement an Information Security Management System (ISMS) based on the requirements of ISO/IEC 27001. It… Read More »ISO/IEC 27003:2017 Information technology — Security techniques — Information security management systems — Guidance

ISO/IEC 27004:2016 Information technology — Security techniques — Information security management — Monitoring, measurement, analysis and evaluation

December 1, 2016April 29, 2025
Monitoring

ISO/IEC 27004 is an international standard that provides guidelines for monitoring, measuring, analyzing, and evaluating the performance and effectiveness of an Information Security Management System… Read More »ISO/IEC 27004:2016 Information technology — Security techniques — Information security management — Monitoring, measurement, analysis and evaluation

CSA Big Data Security and Privacy Handbook

August 26, 2016April 29, 2025
Data Protection & AI

The CSA Big Data Security and Privacy Handbook provides a comprehensive guide to best practices for securing and protecting privacy in big data environments. Structured… Read More »CSA Big Data Security and Privacy Handbook

NIST SP 800-30 Rev. 1 Guide for Conducting Risk Assessments

September 1, 2012April 29, 2025
Risk Management

NIST Special Publication 800-30, titled “Guide for Conducting Risk Assessments,” provides comprehensive guidance for organizations to conduct risk assessments of federal information systems and organizations.… Read More »NIST SP 800-30 Rev. 1 Guide for Conducting Risk Assessments

US DOD Security Technical Implementation Guides (STIGs)

October 20, 2002April 23, 2025
Infrastructure

Security Technical Implementation Guides (STIGs) are detailed, prescriptive documents developed by the Defense Information Systems Agency (DISA) that define standardized security configurations and requirements for… Read More »US DOD Security Technical Implementation Guides (STIGs)

CIS Benchmarks

January 1, 2000April 28, 2025
Infrastructure

CIS Benchmarks are comprehensive, consensus-driven security guidelines developed by the Center for Internet Security to help organizations securely configure a wide range of IT systems,… Read More »CIS Benchmarks