Cybersecurity Articles
-
NIST for Small Businessess without Employees
No, that is not a typo. Have you read the NIST internal report for small businesses, without any employees? There are non-employer firms that have no paid employees other than…
-
Risk Intelligence & Threat Intelligence
Are you familiar with Risk Intelligence and Threat Intelligence? Do you think they are similar? I was asked the other day what the difference was between the two. So, I…
-
Cybersecurity Approaches and Regulations
We are all aware that cybersecurity is a pressing concern for businesses, regulators, and policymakers alike. However, what constitutes “reasonable” cybersecurity remains subject to interpretation. Understanding how regulators and lawmakers…
-
CIS Controls
It’s been over a month since I last posted on my blog. I was busy finishing up my Master’s Degree, and time just flew by! My goal is to write…
-
Cybersecurity Law: Computer Fraud and Abuse Act
I was reading a book on Cybersecurity Law, and I read about one of the federal statutes in the U.S. cybersecurity legal spectrum; the Computer Fraud and Abuse Act (CFAA).…
-
Strengthening Security with Network Segmentation
IT networks are getting more and more complex these days, and as cyber threats continue to evolve the concept of network segmentation comes into play. Segmentation is important for several…
-
NIST AI Risk Management Framework 1.0 Overview
This Framework was released in January 2023, and provides guidelines to manage risks associated with AI systems, and it emphasizes key principles such as validity, reliability, robustness, explainability, privacy, and…
-
Key Updates in NIST Cybersecurity Framework 2.0
The NIST Cybersecurity Framework (CSF) 2.0, released in February 2024 (exactly one year ago today), introduced several significant updates compared to CSF 1.1 (2018) to address evolving cybersecurity challenges and…
-
Incident Response using the NIST Guidelines
The National Institute of Standards and Technology (NIST) provides structured guidelines for incident response to help organizations effectively manage cybersecurity threats. These guidelines can be found in the framework for…
-
Why Multi-Factor Authentication is Essential for Online Security
By Jorge Castaneda We are online almost every day if not every day! Yet, a lot of people don’t take online security very seriously. Online security is more important than…
CyberCasta 