HHS has updated its free RISC 2.0 toolkit with a new cybersecurity module, asking hospitals to assess digital threats alongside hurricanes, power failures and other hazards.

The performance goals that industrial cybersecurity experts welcomed could be overshadowed by incoming mandates.

It's a marriage between the NIST cybersecurity the MITRE ATT&CK frameworks.

RSA Public Sector was full of discussions on why federal cybersecurity needs to be simplified. How to get there? The opinions differ.

U.S. senators have raised security concerns about a new Metro railcar project. The NIST cybersecurity framework will be part of the process now, the transit authority says.

Japanese companies use two U.S. government technology frameworks to help manage its own information security manpower shortages.

RSA CTO Zulfikar Ramzan talks with CyberScoop on how many enterprises have come to rely on NIST's seminal cybersecurity document.

The new version updates the federal agency's guidelines in several areas, including authentication and identity; cyber risk self-assessments; managing supply chain cybersecurity; and vulnerability disclosure.

Ten major cybersecurity companies have written to the U.S. Trade Representative Robert Lighthizer to urge that alignment of cybersecurity standards should be part of NAFTA.