Walter Copan has been nominated by President Donald Trump to be the new under secretary of commerce for standards and technology and director of the National Institute of Standards and Technology. 

Successfully resolving a major cyber incident takes more than shutting down the hackers.

The NIST Cybersecurity Frame-work focuses twice on the concept of improvement, doing so within both the Respond and the Recover functions.

Paul McCartney wrote “The Long and Winding Road” while the Beatles were in the throes of dissent and months away from breaking up. Listening now to the song’s yearning lyrics and plaintive melody, is it possible that Sir Paul actually anticipated the NIST Cybersecurity Framework’s Recover function, and was imagining the category titled Recovery Planning?

U.S. President Donald Trump signed an executive order today to bolster the government’s cybersecurity and protect critical infrastructure from cyberattacks. 

If at first you don’t succeed, try, try again.” Although catchy, we all know that the real keys to success after failure are reflection and adaptation, not mere persistence.

Whether it’s an HVAC system, a point-of-sale terminal or a video surveillance camera, malicious attackers are looking for any way into your network and closer to your valuable data, systems and intellectual property.

Mike Tyson notably said, “Everyone has a plan ‘till they get punched in the mouth.” So, how do you ensure the same doesn’t hold true for your company’s incident response plan when a real breach occurs?  Enter the NIST Framework category titled Mitigation.

Albert Einstein once observed, “Not everything that can be counted counts, and not everything that counts can be counted.”

A significant part of incident response involves communication.