What Should a Cyber Security Policy Include?

Every organization needs an effective cyber security policy Anyone who has taken the CISSP exam knows that cyber security policy is at the top of the policy/standard/procedure hierarchy. The logic is that cyber security policy must come first because it identifies the organization’s security issues and their scope; it answers the question, “Why do we… Read More

NIST Proposes Stronger Cyber Standards for Defense Contractors

Proposed Supplement to NIST 800-171 Addresses Advanced Persistent Threats Targeting Defense Contractors U.S. defense contractors are being heavily targeted by foreign cybercriminals. An internal Navy cyber security audit ordered after a series of successful breaches of Navy contractors revealed an agency in complete cyber chaos “in ways few appreciate, fewer understand, and even fewer know… Read More