Encryption and NIST FIPS 140 (FIPS 140-2)


In April 2022, NIST stopped accepting applications for validation certificates under the FIPS 140-2 security standard in favor of the updated FIPS 140-3. While many companies are still waiting for their FIPS 140-2 certification (if they got their application in before the April deadline), many are now considering adopting the new 140-3 standard.

But to understand the new standard, it's important to understand the old one. FIPS 140-2 has been the NIST standard for cryptography for almost two decades, and its impact will still be felt for years to come.

 


What Is NERC CIP Compliance?


The continual news of state-sponsored hackers attacking U.S. infrastructure has led the general public to better understand that digital security is a critical part of our overall national security. Digital systems aren't isolated to high-tech companies; instead, cybersecurity touches on almost every aspect of our lives, particularly energy and utility management.

The U.S. government was already ahead of this curve and, starting in the 1990s, began implementing government regulations (in partnership with private companies) to protect the country's electrical infrastructure. This led to the North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP) requirements.

 


What Are ISO 22301 and Business Continuity?


Modern security and risk frameworks often focus on a limited set of concerns: security controls, external threats, insider threats, upgrading or updating systems, etc. But as the relationships between security, business continuity, and system reliability become more complex in our data-saturated environment, organizations must have equally robust system support in place to ensure that information remains secure and available at all times.

In ISO 22301, “Security and resilience – Business continuity management systems – Requirements,” the International Organization for Standardization (ISO) defines a broad set of standards that organizations can implement to focus on business continuity and resilience.

 
