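It was later superseded by NIST SP 800-53 Revision 3. This document emphasizes the importance of self-assessment and risk assessment[5]. Special Publication 800-37 was updated in 2010 and describes a new approach to risk assessment: "Guide for Applying the Risk Management Framework to Federal Information Systems" (Guide ...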
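For those unfamiliar with cybersecurity concepts, ISO/IEC TS 27100 provides a useful overview. Before carrying out a risk assessment, it is best to first review standards such as ISO/IEC 27001 and frameworks such as NIST SP 800-37 and ISO/IEC TS 27110, which can help guide an organization in assessing its information security risks in a structured way and in ensuring that mitigating controls are appropriate and effective.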
NIST called for an overhaul of digital password practices in the second public draft of its digital identity guidelines published in September. The guidance recommended organizations implement longer ...
Nation-state actors are investing aggressively in advanced cyber operations to target government information and technology ...
The European Council on Thursday adopted security-by-design regulation that makes patching and vulnerability updates mandatory for connected devices in the European Union.
The proliferation of data in today’s hyperconnected world presents significant opportunities as well as risks. Rigo Van den Broeck, executive vice president of cybersecurity at Mastercard, said that ...
A U.S. federal judge mostly stopped from going into effect a newly-enacted California law restricting the use of ...