All NIST articles
-
WebcastMay 22 | The Compliance Practitioner Challenge: Staying Ahead of AI Regulations
As AI presents new opportunities to drive insight and efficiency, it brings new challenges of risk mitigation and overall company protection.
-
PremiumSpeakers at Compliance Week AI & Compliance Summit talk future rules around technology
While companies are exploring and building artificial intelligence technology, lawmakers and regulators are trying to identify what ground rules they need to set. These guardrails are what companies and governments alike believe are essential parts of ensuring safe and responsible use of the technology.
-
News BriefTreasury report identifies AI use ‘capability gap’ between large, small FIs
A Treasury Department report assessing the use of artificial intelligence tools by the financial sector identified a “growing capability gap” in in-house AI use between large and small financial institutions.
-
PremiumNIST report: Mitigating the risks of cyberattacks on AI systems
Cyberattacks on artificial intelligence systems are increasing, so it’s important users know their vulnerabilities and try to soften the damage if they get hit, according to a new report by the National Institute of Standards and Technology.
-
PremiumAI in 2024: More business use, more fraud risks
Use of generative artificial intelligence by businesses will ramp up in 2024, as will risk of AI-driven cyberattacks and fraud, according to experts.
-
PremiumBiden AI executive order tips hand on areas of regulation focus
It’s all hands on deck at the White House to put into motion the dozens of directives in President Joe Biden’s executive order on artificial intelligence, according to Nik Marda, chief of staff for the Technology Division in the Office of Science and Technology Policy.
-
News BriefBiden executive order aims to cut AI risk while boosting safe use
Companies that design powerful artificial intelligence systems must perform safety tests on the programs and share results with the U.S. government under a sweeping executive order intended to make AI safe while furthering robust innovation.
-
PremiumNIST framework might help organizations prepare for AI regulations
The new artificial intelligence framework released by the National Institute of Standards and Technology is not a checklist for AI but might help organizations better manage the risks associated with the technology.
-
PremiumBiden cyber strategy plan calls for big businesses to step up
The “biggest, most capable, and best-positioned” businesses must assume a greater share of mitigating cyber risks, the White House said in announcing the National Cybersecurity Strategy Implementation Plan.
-
ArticleProposed NIST cybersecurity guide incorporates HIPAA Security Rule
The National Institute of Standards and Technology is seeking comment on proposed guidance intended to help healthcare organizations that fall under the regulatory umbrella of the Health Insurance Portability and Accountability Act’s Security Rule.
-
PremiumChapter 1, Part 1: Betsy’s human error triggers ransomware crisis
When one of fictional private utility company Vulnerable Electric’s most dedicated employees falls victim to a social engineering hack, her actions in the immediate aftermath are crucial to what will soon become a crisis for the C-suite.
-
ArticleTPRM 2021: What to do before, during, and after a ransomware attack
Two risk and compliance practitioners opened their cyber-playbooks at CW’s TPRM virtual event, explaining how to identify and address vulnerabilities, establish transparency with vendors, and strengthen an organization’s incident management program.
-
ArticleNew NIST revisions expand scope of cyber supply chain risk management guidance
The National Institute of Standards and Technology is seeking comment on a revised version of its cyber supply chain risk management guidance that is intended for a broader audience of public and private companies.
-
ArticleNIST guidance tackles how to integrate cyber-security with ERM
New guidance from NIST aims to demystify a process with which many companies across all industries have long struggled: how to seamlessly integrate cyber-security risk into an overall enterprise risk management program.
-
ArticleReport slams ‘woefully lax’ cyber-security controls at CIA
Cyber-security protections deployed for some of the nation’s most secret data was “woefully lax,” according to a 2017 intelligence brief that detailed shortcomings at the CIA following the agency’s 2016 data breach.
-
ArticleNIST seeks comment on ransomware, cyber-attack guidance
The National Institute of Standards and Technology is seeking input on a trio of draft guidance published in the past week. Two of the drafts address ransomware attacks, and the third addresses protecting against cyber-attacks in the supply chain.
-
ArticleCompliance 2020: A timeline
Compliance Week looks back at two decades of scandals, enforcement actions, and regulatory policies (2000-2019) that shaped the compliance function we see today.
-
ArticleFTC proposes five amendments to NIST Privacy Framework
The FTC has submitted comment on NIST’s draft Privacy Framework, praising the agency for its proposal to help firms open a privacy dialogue and suggesting five amendments to improve upon the draft.
-
ArticleNIST provides guidance on how to bridge privacy, cyber-security processes
NIST’s new draft Privacy Framework offers much-needed guidance to help companies align their data privacy and cyber-security risk management practices.
-
ArticleUnderstanding NIST’s new Risk Management Framework
NIST’s new Risk Management Framework—used with the agency’s Cybersecurity Framework—offers companies direction in integrating cyber-security, privacy, and supply-chain risk management.